public static function _init_()
{
// init assets
if (empty(self::$__assets__)) {
self::$__assets__ = array('SCRIPT' => array('wpcf-access-utils-dev' => array('version' => WPCF_ACCESS_VERSION, 'dependencies' => array('jquery', 'wp-pointer'), 'path' => TACCESS_ASSETS_URL . '/js/utils.js'), 'types-suggest-dev' => array('version' => WPCF_ACCESS_VERSION, 'dependencies' => array('jquery'), 'path' => TACCESS_ASSETS_URL . '/js/suggest.js'), 'wpcf-access-dev' => array('version' => WPCF_ACCESS_VERSION, 'dependencies' => array('jquery', 'suggest', 'jquery-ui-dialog', 'jquery-ui-tabs', 'wp-pointer'), 'path' => TACCESS_ASSETS_URL . '/js/basic.js', 'localization_name' => 'wpcf_access_dialog_texts', 'localization_data' => array('wpcf_change_perms' => __("Change Permissions", 'wpcf-access'), 'wpcf_close' => __("Close", 'wpcf-access'), 'wpcf_cancel' => __("Cancel", 'wpcf-access'), 'wpcf_group_exists' => __("Group already exists", 'wpcf-access'), 'wpcf_assign_group' => __("Assign group", 'wpcf-access'), 'wpcf_set_errors' => __("Set errors", 'wpcf-access'), 'wpcf_error1' => __("Show 404 - page not found", 'wpcf-access'), 'wpcf_error2' => __("Show Content Template", 'wpcf-access'), 'wpcf_error3' => __("Show Page template", 'wpcf-access'), 'wpcf_info1' => __("Template", 'wpcf-access'), 'wpcf_info2' => __("PHP Template", 'wpcf-access'), 'wpcf_info3' => __("PHP Archive", 'wpcf-access'), 'wpcf_info4' => __("View Archive", 'wpcf-access'), 'wpcf_info5' => __("Display: 'No posts found'", 'wpcf-access'), 'wpcf_access_group' => __("Access group", 'wpcf-access'), 'wpcf_custom_access_group' => __("Custom Access Group", 'wpcf-access'), 'wpcf_add_group' => __("Add Group", 'wpcf-access'), 'wpcf_modify_group' => __("Modify Group", 'wpcf-access'), 'wpcf_remove_group' => __("Remove Group", 'wpcf-access'), 'wpcf_role_permissions' => __("Role permissions", 'wpcf-access'), 'wpcf_delete_role' => __("Delete role", 'wpcf-access'), 'wpcf_save' => __("Save", 'wpcf-access'))), 'toolset-colorbox' => array('version' => WPCF_ACCESS_VERSION, 'dependencies' => array('jquery'), 'path' => TACCESS_ASSETS_URL . '/common/res/js/jquery.colorbox-min.js'), 'views-utils-script' => array('version' => WPCF_ACCESS_VERSION, 'dependencies' => array('jquery', 'underscore', 'backbone'), 'path' => TACCESS_ASSETS_URL . '/common/utility/js/utils.js', 'localization_name' => 'wpv_help_box_texts', 'localization_data' => array('wpv_dont_show_it_again' => __("Got it! Don't show this message again", 'wpcf-access'), 'wpv_close' => __("Close", 'wpcf-access')))), 'STYLE' => array('font-awesome' => array('version' => WPCF_ACCESS_VERSION, 'dependencies' => null, 'path' => TACCESS_ASSETS_URL . '/css/font-awesome.min.css'), 'types-debug' => array('version' => WPCF_ACCESS_VERSION, 'dependencies' => null, 'path' => TACCESS_ASSETS_URL . '/css/pre.css'), 'types-suggest-dev' => array('version' => WPCF_ACCESS_VERSION, 'dependencies' => null, 'path' => TACCESS_ASSETS_URL . '/css/suggest.css'), 'wpcf-access-dev' => array('version' => WPCF_ACCESS_VERSION, 'dependencies' => array('font-awesome', 'wp-pointer', 'wp-jquery-ui-dialog'), 'path' => TACCESS_ASSETS_URL . '/css/basic.css'), 'toolset-colorbox' => array('version' => WPCF_ACCESS_VERSION, 'dependencies' => null, 'path' => TACCESS_ASSETS_URL . '/css/colorbox.css'), 'notifications' => array('version' => WPCF_ACCESS_VERSION, 'dependencies' => null, 'path' => TACCESS_ASSETS_URL . '/css/notifications.css'), 'wpcf-access-dialogs-css' => array('version' => WPCF_ACCESS_VERSION, 'dependencies' => null, 'path' => TACCESS_ASSETS_URL . '/css/dialogs.css')));
}
// init dependencies paths, if any
if (empty(self::$__dependencies__)) {
self::$__dependencies__ = array('MODEL' => array('Access' => array(array('class' => 'Access_Model', 'path' => TACCESS_INCLUDES_PATH . '/Model.php'))), 'CLASS' => array('XML_Processor' => array(array('class' => 'Access_XML_Processor', 'path' => TACCESS_INCLUDES_PATH . '/XML_Processor.php')), 'Updater' => array(array('class' => 'Access_Updater', 'path' => TACCESS_INCLUDES_PATH . '/Updater.php')), 'Helper' => array(array('class' => 'Access_Helper', 'path' => TACCESS_INCLUDES_PATH . '/Helper.php')), 'Admin' => array(array('class' => 'Access_Admin', 'path' => TACCESS_INCLUDES_PATH . '/Admin.php')), 'Admin_Edit' => array(array('class' => 'Access_Admin_Edit', 'path' => TACCESS_INCLUDES_PATH . '/Admin_Edit.php')), 'Ajax' => array(array('class' => 'Access_Ajax_Helper', 'path' => TACCESS_INCLUDES_PATH . '/Ajax_Helper.php')), 'Upload' => array(array('class' => 'Access_Upload_Helper', 'path' => TACCESS_INCLUDES_PATH . '/Upload_Helper.php')), 'Debug' => array(array('class' => 'Access_Debug', 'path' => TACCESS_INCLUDES_PATH . '/Debug.php')), 'Post' => array(array('class' => 'Access_Post_Helper', 'path' => TACCESS_INCLUDES_PATH . '/Post_Helper.php'))));
}
}
private static function update_to_116()
{
//taccess_log(array('update to 1.1.6', self::$db_ver, TACCESS_VERSION));
$model = TAccess_Loader::get('MODEL/Access');
// Post Types
$access_types = $model->getAccessTypes();
$wpcf_types = $model->getWpcfTypes();
// merge with Access settings saved in Types tables, since Access is standalone now
foreach ($wpcf_types as $t => $d) {
if (isset($d['_wpcf_access_capabilities'])) {
if (!isset($access_types[$t])) {
$access_types[$t] = $d['_wpcf_access_capabilities'];
}
unset($wpcf_types[$t]['_wpcf_access_capabilities']);
}
}
$model->updateWpcfTypes($wpcf_types);
$model->updateAccessTypes($access_types);
unset($wpcf_types);
unset($access_types);
// Taxonomies
$access_taxonomies = $model->getAccessTaxonomies();
$wpcf_taxonomies = $model->getWpcfTaxonomies();
// merge with Access settings saved in Types tables, since Access is standalone now
foreach ($wpcf_taxonomies as $t => $d) {
if (isset($d['_wpcf_access_capabilities'])) {
if (!isset($access_taxonomies[$t])) {
$access_taxonomies[$t] = $d['_wpcf_access_capabilities'];
}
unset($wpcf_taxonomies[$t]['_wpcf_access_capabilities']);
}
}
$model->updateWpcfTaxonomies($wpcf_taxonomies);
$model->updateAccessTaxonomies($access_taxonomies);
unset($wpcf_taxonomies);
unset($access_taxonomies);
self::$db_ver = array_merge(self::$db_ver, array('1.1.6' => 1));
}
/**
* Admin page form.
*/
public static function wpcf_access_admin_edit_access($enabled = true)
{
global $wpcf_access;
$model = TAccess_Loader::get('MODEL/Access');
$roles = Access_Helper::wpcf_get_editable_roles();
$shortcuts = array();
$output = '';
$output .= '<form id="wpcf_access_admin_form" method="post" action="">';
$show_message = get_option('wpcf_hide_max_fields_message', 0);
$fields_limit = ini_get('max_input_vars');
if ($show_message == 0) {
$fields_limit = 99999999999.0;
}
$output .= '<input type="hidden" value="' . $fields_limit . '" name="max_input_vars" id="js-max-input-vars"
data-message="' . esc_js(__('The changes on this page may not save because it requires more input variables. Please modify the "max_input_vars" setting in your php.ini or .htaccess files to <!NUM!> or more.', 'wpcf-access')) . '"
data-btn="' . __('Ok', 'wpcf-access') . '"
data-header="' . __('Warning', 'wpcf-access') . '"
data-hide_error="' . __("Don't show this message again", 'wpcf-access') . '"
/>';
$output .= '<div class="js-submit-button-all"><input type="submit"
value="' . __('Save everything', 'wpcf-access') . '"
id="submit-999"
class="wpcf-access-submit button-primary js-wpcf-access-submit" /><span class="ajax-loading spinner"></span></div>';
$output .= wp_nonce_field('wpcf-access-error-pages', 'wpcf-access-error-pages', true, false);
$access_bypass_template = "<div class='error'><p>" . __("<strong>Warning:</strong> The %s <strong>%s</strong> uses the same name for singular name and plural name. Access can't control access to this object. Please use a different name for the singular and plural names.", 'wpcf-access') . "</p></div>";
$access_conflict_template = "<div class='error'><p>" . __("<strong>Warning:</strong> The %s <strong>%s</strong> uses capability names that conflict with default Wordpress capabilities. Access can not manage this entity, try changing entity's name and / or slug", 'wpcf-access') . "</p></div>";
$access_notices = '';
//$isTypesActive = Access_Helper::wpcf_access_is_wpcf_active();
// Types
$settings_access = $model->getAccessTypes();
$types = $model->getPostTypes();
$types = Access_Helper::wpcf_object_to_array($types);
//taccess_log($types);
foreach ($types as $type_slug => $type_data) {
// filter types, excluding types that do not have different plural and singular names
if (isset($type_data['__accessIsNameValid']) && !$type_data['__accessIsNameValid']) {
$access_notices .= sprintf($access_bypass_template, __('Post Type', 'wpcf-access'), $type_data['labels']['singular_name']);
unset($types[$type_slug]);
continue;
}
if (isset($type_data['__accessIsCapValid']) && !$type_data['__accessIsCapValid']) {
$access_notices .= sprintf($access_conflict_template, __('Post Type', 'wpcf-access'), $type_data['labels']['singular_name']);
unset($types[$type_slug]);
continue;
}
if (isset($settings_access[$type_slug])) {
$types[$type_slug]['_wpcf_access_capabilities'] = $settings_access[$type_slug];
}
if (!empty($type_data['_wpcf_access_inherits_post_cap'])) {
$types[$type_slug]['_wpcf_access_inherits_post_cap'] = 1;
}
}
// Put Posts and Pages in front
$temp = array('page', 'post');
foreach ($temp as $t) {
if (isset($types[$t])) {
$clone = array($t => $types[$t]);
unset($types[$t]);
$types = $clone + $types;
}
}
if (!empty($types)) {
$output .= '<h3 class="wpcf-section-header">' . __('Post Types', 'wpcf-access') . '</h3>';
foreach ($types as $type_slug => $type_data) {
if ($type_data['public'] === 'hidden') {
continue;
}
if ($type_slug == 'view-template' || $type_slug == 'view' || $type_slug == 'cred-form' || $type_slug == 'cred-user-form') {
// Don't list Views and View templates separately.
// Don't list CRED form post types.
continue;
}
// Set data
$mode = isset($type_data['_wpcf_access_capabilities']['mode']) ? $type_data['_wpcf_access_capabilities']['mode'] : 'not_managed';
$container_class = 'is-enabled';
if (!$enabled || $mode === 'not_managed') {
$container_class = '';
}
$output .= '<a name="' . $type_slug . '"></a>';
$shortcuts[__('Post Types', 'wpcf-access')][] = array($type_data['labels']['name'], $type_slug);
$output .= '<div class="wpcf-access-type-item ' . $container_class . ' wpcf-access-post-type-name-' . $type_slug . ' js-wpcf-access-type-item">';
$output .= '<h4>' . $type_data['labels']['name'] . '</h4>';
$output .= '<div class="wpcf-access-mode">';
$output .= '<p class="wpcf-access-mode-control">
<label>
<input type="checkbox" class="js-wpcf-enable-access" value="permissions" ';
if (!$enabled) {
$output .= 'disabled="disabled" readonly="readonly" ';
}
$output .= $mode != 'not_managed' ? 'checked="checked" />' : ' />';
$output .= '<input type="hidden" class="js-wpcf-enable-set" ' . 'name="types_access[types][' . $type_slug . '][mode]" value="' . $mode . '" />';
$output .= '' . __('Managed by Access', 'wpcf-access') . '</label>
</p>';
// Warning fallback
if ((empty($type_data['_wpcf_access_outsider']) || !empty($type_data['_wpcf_access_inherits_post_cap'])) && !in_array($type_slug, array('post', 'page'))) {
$output .= '<div class="toolset-alert toolset-alert-warning warning-fallback js-warning-fallback"';
if ($mode != 'not_managed') {
$output .= ' style="display:none;"';
}
$output .= '>' . __('This post type will inherit the same access rights as the standard WordPress Post when not Managed by Access.', 'wpcf-access');
$output .= '</div>';
}
$permissions = !empty($type_data['_wpcf_access_capabilities']['permissions']) ? $type_data['_wpcf_access_capabilities']['permissions'] : array();
$output .= self::wpcf_access_permissions_table($roles, $permissions, Access_Helper::wpcf_access_types_caps_predefined(), 'types', $type_slug, $enabled, $mode != 'not_managed', $settings_access, $type_data);
$output .= '</div><!-- wpcf-access-mode -->';
$output .= '<p class="wpcf-access-buttons-wrap">';
$output .= self::wpcf_access_reset_button($type_slug, 'type', $enabled, $mode != 'not_managed');
$output .= self::wpcf_access_submit_button($enabled, $mode != 'not_managed', $type_data['labels']['name']);
$output .= '</p>';
$args = array('posts_per_page' => -1, 'post_status' => 'publish', 'post_type' => array($type_slug), 'meta_query' => array(array('key' => '_wpcf_access_group')));
$the_query = new WP_Query($args);
if ($the_query->found_posts > 0) {
$used_groups = array();
$groupz = '';
while ($the_query->have_posts()) {
$the_query->the_post();
$ogroup = get_post_meta(get_the_ID(), '_wpcf_access_group', true);
if (!in_array($ogroup, $used_groups) && isset($settings_access[$ogroup]['title'])) {
$used_groups[] = $ogroup;
$groupz .= '<a href="#' . $ogroup . '">' . $settings_access[$ogroup]['title'] . '</a>, ';
}
}
$groupz = substr($groupz, 0, -2);
$message = sprintf(__('Some %s may have different read access settings because they belong to these access groups: %s', 'wpcf-access'), $type_data['labels']['name'], $groupz);
$output .= '<div class="toolset-alert toolset-alert-info js-toolset-alert" style="display: block; opacity: 1; ">' . $message . '</div>';
}
if ($type_slug == 'attachment') {
$output .= '<div class="toolset-alert toolset-alert-info js-toolset-alert" style="display: block; opacity: 1; ">' . __('This section controls access to media-element pages and not to media that is included in posts and pages.', 'wpcf-access') . '</div>';
}
$output .= '<p class="wpcf-access-top-anchor"><a href="#wpcf-access-top-anchor">' . __('Back to Top', 'wpcf-access') . '</a></p>';
$output .= '</div><!-- wpcf-access-type-item -->';
}
}
// Taxonomies
$supports_check = array();
$settings_access = $model->getAccessTaxonomies();
$taxonomies = $model->getTaxonomies();
$taxonomies = Access_Helper::wpcf_object_to_array($taxonomies);
//taccess_log($taxonomies);
foreach ($taxonomies as $tax_slug => $tax_data) {
// filter taxonomies, excluding tax that do not have different plural and singular names
if (isset($tax_data['__accessIsNameValid']) && !$tax_data['__accessIsNameValid']) {
$access_notices .= sprintf($access_bypass_template, __('Taxonomy', 'wpcf-access'), $tax_data['labels']['singular_name']);
unset($taxonomies[$tax_slug]);
continue;
}
if (isset($tax_data['__accessIsCapValid']) && !$tax_data['__accessIsCapValid']) {
$access_notices .= sprintf($access_conflict_template, __('Taxonomy', 'wpcf-access'), $tax_data['labels']['singular_name']);
unset($taxonomies[$tax_slug]);
continue;
}
$taxonomies[$tax_slug]['supports'] = array_flip($tax_data['object_type']);
if (isset($settings_access[$tax_slug])) {
$taxonomies[$tax_slug]['_wpcf_access_capabilities'] = $settings_access[$tax_slug];
}
/*if ('product_shipping_class'==$tax_slug)
{
taccess_log($taxonomies[$tax_slug]);
}*/
if ($enabled) {
$mode = isset($tax_data['_wpcf_access_capabilities']['mode']) ? $tax_data['_wpcf_access_capabilities']['mode'] : 'follow';
// Only check if in 'follow' mode
// if ($mode != 'follow' || empty($tax_data['supports'])) {
if (empty($tax_data['supports'])) {
continue;
}
foreach ($tax_data['supports'] as $supports_type => $true) {
if (!isset($types[$supports_type]['_wpcf_access_capabilities']['mode'])) {
continue;
}
$mode = $types[$supports_type]['_wpcf_access_capabilities']['mode'];
if (!isset($types[$supports_type]['_wpcf_access_capabilities'][$mode])) {
continue;
}
$supports_check[$tax_slug][md5($mode . serialize($types[$supports_type]['_wpcf_access_capabilities'][$mode]))][] = $types[$supports_type]['labels']['name'];
}
}
}
// Put Categories and Tags in front
$temp = array('post_tag', 'category');
foreach ($temp as $t) {
if (isset($taxonomies[$t])) {
$clone = array($t => $taxonomies[$t]);
unset($taxonomies[$t]);
$taxonomies = $clone + $taxonomies;
}
}
if (!empty($taxonomies)) {
$output .= '<h3 class="wpcf-section-header">' . __('Taxonomies', 'wpcf-access') . '</h3>';
foreach ($taxonomies as $tax_slug => $tax_data) {
$mode = 'not_managed';
if ($tax_data['public'] === 'hidden') {
continue;
}
// Set data
if (isset($tax_data['_wpcf_access_capabilities']['mode'])) {
$mode = $tax_data['_wpcf_access_capabilities']['mode'];
} elseif ($enabled) {
$mode = Access_Helper::wpcf_access_get_taxonomy_mode($tax_slug, $mode);
} else {
$mode = 'not_managed';
}
/*if ('product_shipping_class'==$tax_slug)
{
taccess_log(array($mode, $taxonomies[$tax_slug]));
}*/
/*$mode = isset($tax_data['_wpcf_access_capabilities']['mode']) ? $tax_data['_wpcf_access_capabilities']['mode'] : 'not_managed';
if ($enabled) {
$mode = wpcf_access_get_taxonomy_mode($tax_slug, $mode);
}*/
// For built-in set default to 'not_managed'
if (in_array($tax_slug, array('category', 'post_tag'))) {
$mode = isset($tax_data['_wpcf_access_capabilities']['mode']) ? $tax_data['_wpcf_access_capabilities']['mode'] : 'not_managed';
}
$custom_data = Access_Helper::wpcf_access_tax_caps();
if (isset($tax_data['_wpcf_access_capabilities']['permissions'])) {
foreach ($tax_data['_wpcf_access_capabilities']['permissions'] as $cap_slug => $cap_data) {
$custom_data[$cap_slug]['role'] = $cap_data['role'];
$custom_data[$cap_slug]['users'] = isset($cap_data['users']) ? $cap_data['users'] : array();
}
}
$output .= '<a name="' . $tax_slug . '"></a>';
$shortcuts[__('Taxonomies', 'wpcf-access')][] = array($tax_data['labels']['name'], $tax_slug);
$output .= '<div class="wpcf-access-type-item js-wpcf-access-type-item ' . $container_class . '">';
$output .= '<h4>' . $tax_data['labels']['name'] . '</h4>';
// Add warning if shared and settings are different
$disable_same_as_parent = false;
if ($enabled && isset($supports_check[$tax_slug]) && count($supports_check[$tax_slug]) > 1) {
$txt = array();
foreach ($supports_check[$tax_slug] as $sc_tax_md5 => $sc_tax_md5_data) {
$txt = array_merge($txt, $sc_tax_md5_data);
}
$last_element = array_pop($txt);
$warning = '<br /><img src="' . TACCESS_ASSETS_URL . '/images/warning.png" style="position:relative;top:2px;" />' . sprintf(__('You need to manually set the access rules for taxonomy %s. That taxonomy is shared between several post types that have different access rules.'), $tax_data['labels']['name'], implode(', ', $txt), $last_element);
$output .= $warning;
$disable_same_as_parent = true;
}
$output .= '<div class="wpcf-access-mode">';
// Managed checkbox - Custom taxonomies section
$output .= '<p>';
$output .= '<label><input type="checkbox" class="not-managed js-wpcf-enable-access" name="types_access[tax][' . $tax_slug . '][not_managed]" value="1"';
if (!$enabled) {
$output .= ' disabled="disabled" readonly="readonly"';
}
$output .= $mode != 'not_managed' ? ' checked="checked"' : '';
$output .= '/>' . __('Managed by Access', 'wpcf-access') . '</label>';
$output .= '</p>';
// 'Same as parent' checkbox
$output .= '<p>';
$output .= '<label><input type="checkbox" class="follow js-wpcf-follow-parent" name="types_access[tax][' . $tax_slug . '][mode]" value="follow"';
if (!$enabled) {
$output .= ' disabled="disabled" readonly="readonly" checked="checked"';
} else {
if ($disable_same_as_parent) {
$output .= ' disabled="disabled" readonly="readonly"';
} else {
$output .= $mode == 'follow' ? ' checked="checked"' : '';
}
}
$output .= ' />' . __('Same as Parent', 'wpcf-access') . '</label>';
$output .= '</p>';
$output .= '<div class="wpcf-access-mode-custom">';
$output .= self::wpcf_access_permissions_table($roles, $custom_data, $custom_data, 'tax', $tax_slug, $enabled, $mode != 'not_managed', $settings_access);
$output .= '</div> <!-- .wpcf-access-mode-custom -->';
$output .= '</div> <!-- wpcf-access-mode -->';
$output .= '<p class="wpcf-access-buttons-wrap">';
$output .= self::wpcf_access_reset_button($tax_slug, 'tax', $enabled);
$output .= self::wpcf_access_submit_button($enabled, $mode != 'not_managed', $tax_data['labels']['name']);
$output .= '</p>';
$output .= '<p class="wpcf-access-top-anchor"><a href="#wpcf-access-top-anchor">' . __('Back to Top', 'wpcf-access') . '</a></p>';
$output .= '</div> <!-- wpcf-access-type-item -->';
}
}
// Allow 3rd party
$third_party = $model->getAccessThirdParty();
$areas = apply_filters('types-access-area', array());
foreach ($areas as $area) {
// Do not allow 'types' ID
if (in_array($area['id'], array('types', 'tax'))) {
continue;
}
// make all groups of same area appear on same line in shortcuts
$shortcuts[$area['name']] = array();
$groups = apply_filters('types-access-group', array(), $area['id']);
if (!is_array($groups) || empty($groups)) {
continue;
}
$output .= '<h3 class="wpcf-section-header">' . $area['name'] . '</h3>';
foreach ($groups as $group) {
//$shortcuts[$area['name']][$group['name']]=array();
$shortcuts[$area['name']][] = array($group['name'], $group['id']);
$output .= '<a name="' . $group['id'] . '"></a>';
$output .= '<div class="wpcf-access-type-item js-wpcf-access-type-item">';
$output .= '<h4>' . $group['name'] . '</h4>';
$output .= '<div class="wpcf-access-mode">';
$caps = array();
$caps_filter = apply_filters('types-access-cap', array(), $area['id'], $group['id']);
$saved_data = array();
foreach ($caps_filter as $cap_slug => $cap) {
$caps[$cap['cap_id']] = $cap;
if (isset($cap['default_role'])) {
$caps[$cap['cap_id']]['role'] = $cap['role'] = $cap['default_role'];
}
$saved_data[$cap['cap_id']] = isset($third_party[$area['id']][$group['id']]['permissions'][$cap['cap_id']]) ? $third_party[$area['id']][$group['id']]['permissions'][$cap['cap_id']] : array('role' => $cap['role']);
}
// Add registered via other hook
if (!empty($wpcf_access->third_party[$area['id']][$group['id']]['permissions'])) {
foreach ($wpcf_access->third_party[$area['id']][$group['id']]['permissions'] as $cap_slug => $cap) {
// Don't allow duplicates
if (isset($caps[$cap['cap_id']])) {
unset($wpcf_access->third_party[$area['id']][$group['id']]['permissions'][$cap_slug]);
continue;
}
$saved_data[$cap['cap_id']] = $cap['saved_data'];
$caps[$cap['cap_id']] = $cap;
}
}
if (isset($cap['style']) && $cap['style'] == 'dropdown') {
} else {
$output .= self::wpcf_access_permissions_table($roles, $saved_data, $caps, $area['id'], $group['id'], true, $settings_access);
}
$output .= '<p class="wpcf-access-buttons-wrap">';
$output .= self::wpcf_access_submit_button($enabled, true, $group['name']);
$output .= '</p>';
$output .= '</div> <!-- .wpcf-access-mode -->';
$output .= '<p class="wpcf-access-top-anchor"><a href="#wpcf-access-top-anchor">' . __('Back to Top', 'wpcf-access') . '</a></p>';
//3rd party
$output .= '</div> <!-- .wpcf-access-type-item -->';
}
}
//Custom Groups
$settings_access = $model->getAccessTypes();
$show_section_header = true;
if (is_array($settings_access) && !empty($settings_access)) {
foreach ($settings_access as $group_slug => $group_data) {
if (strpos($group_slug, 'wpcf-custom-group-') !== 0) {
continue;
}
if ($show_section_header) {
$output .= '<h3 class="wpcf-section-header">' . __('Custom groups', 'wpcf-access') . '</h3>';
$show_section_header = false;
}
$group_div_id = str_replace('%', '', $group_slug);
$group['name'] = $group_data['title'];
$shortcuts['Custom Groups'][] = array($group['name'], $group['id']);
$output .= '<a name="' . $group['id'] . '"></a>';
$output .= '<div class="wpcf-access-custom-group wpcf-access-type-item is-enabled js-wpcf-access-type-item" id="js-box-' . $group_div_id . '">';
$output .= '<h4>' . $group['name'] . '</h4>';
$output .= '<div class="wpcf-access-mode">';
$caps = array();
$saved_data = array();
// Add registered via other hook
if (!empty($group_data['permissions'])) {
$saved_data['read'] = $group_data['permissions']['read'];
}
$def = array('read' => array('title' => 'Read', 'role' => 'guest', 'predefined' => 'read', 'cap_id' => 'group'));
$output .= self::wpcf_access_permissions_table($roles, $saved_data, $def, 'types', $group['id'], $enabled, 'permissions', $settings_access);
$output .= '<p class="wpcf-access-buttons-wrap">';
$output .= '<span class="ajax-loading spinner"></span>';
$output .= '<input data-group="' . $group_slug . '" data-groupdiv="' . $group_div_id . '" type="button" value="' . __('Modify Group', 'wpcf-access') . '" class="js-wpcf-modify-group button-secondary" /> ';
$output .= '<input data-group="' . $group_slug . '" data-groupdiv="' . $group_div_id . '" type="button" value="' . __('Remove Group', 'wpcf-access') . '" class="js-wpcf-remove-group button-secondary" /> ';
$output .= self::wpcf_access_submit_button($enabled, true, $group['name']);
$output .= '</p>';
$output .= '<input type="hidden" name="groupvalue-' . $group_slug . '" value="' . $group_data['title'] . '">';
$output .= '</div> <!-- .wpcf-access-mode -->';
$output .= '</div> <!-- .wpcf-access-custom-group -->';
}
}
// $output .= '<div class="wpcf-access-new-button-wrap">';
$output .= '<button data-label="' . __('Add Group', 'wpcf-access') . '" value="' . __('Add custom group', 'wpcf-access') . '" class="button button-large button-secondary wpcf-add-new-access-group js-wpcf-add-new-access-group"><i class="icon-plus"></i>' . __('Add custom group', 'wpcf-access') . '</button>';
// $output .= '<p class="wpcf-access-top-anchor"><a href="#wpcf-access-top-anchor">'. __('Back to Top', 'wpcf-access') .'</a></p>';
// $output .= '</div>';
// Custom roles
$output .= '<a id="custom-roles" name="custom-roles"></a>';
$output .= '<h3>' . __('Custom Roles', 'wpcf-access') . '</h3>';
$output .= self::wpcf_access_admin_set_custom_roles_level_form($roles, $enabled);
$output .= wp_nonce_field('wpcf-access-edit', '_wpnonce', true, false);
$output .= '<input type="hidden" name="action" value="wpcf_access_save_settings" />';
$output .= '<div class="js-submit-button-all"><input type="submit"
value="' . __('Save everything', 'wpcf-access') . '"
id="submit-999"
class="wpcf-access-submit button-primary js-wpcf-access-submit" /><span class="ajax-loading spinner"></span></div>';
$output .= '</form>';
$output .= '<p class="wpcf-access-top-anchor anchor-floated"><a href="#wpcf-access-top-anchor">' . __('Back to Top', 'wpcf-access') . '</a></p>';
$output .= self::wpcf_access_new_role_form($enabled);
$shortcuts[__('Custom Roles', 'wpcf-access')] = array(array(__('Custom Roles', 'wpcf-access'), "custom-roles"));
// Shortcuts
$shortmenus = '';
if (!empty($shortcuts)) {
$shortmenus .= '<p class="wpcf-access-top-anchor"><a name="wpcf-access-top-anchor" id="wpcf-access-top-anchor"></a></p>';
//TODO: check anchor text
$shortmenus .= '<h3>' . __('On this page', 'wpcf-access') . '</h3>';
foreach ($shortcuts as $section => $items) {
$shortmenu = '';
if (!empty($items)) {
$shortmenu .= '<div class="wpcf-access-shortcuts-wrappet">
<span class="wpcf-access-shortcut-section">' . $section . '</span>: ';
foreach ($items as $item) {
$shortmenu .= '<a href="#' . $item[1] . '" class="wpcf-access-shortcuts">' . $item[0] . '</a>';
}
$shortmenus .= rtrim($shortmenu, ',') . '
</div>';
}
}
// $shortmenus .= '<br /><br />';
}
// Link to wp-types.com Access home URL
$link_to_manual = '<a href="http://wp-types.com/documentation/user-guides/?utm_source=accessplugin&utm_campaign=access&utm_medium=access-edit&utm_term=Access manuals#Access" title="' . __('Access Manuals »') . '" target="_blank" ' . 'class="wpcf-access-link-to-manual" style="display:block;font-weight:bold;background-image: url(\'' . TACCESS_ASSETS_URL . '/images/question.png\');background-repeat: no-repeat;text-indent: 18px;">' . __('Access Manuals »', 'wpcf-access') . '</a>';
echo $link_to_manual . '<div id="wpcf_access_notices">' . $access_notices . '</div>' . $shortmenus . $output;
}
/**
* Save post hook.
*
* @param type $post_id
*/
public static function wpcf_access_post_save($post_id)
{
$areas = Access_Helper::wpcf_access_get_areas();
foreach ($areas as $area) {
$groups = array();
$groups = apply_filters('types-access-show-ui-group', $groups, $area['id']);
foreach ($groups as $group) {
$caps = array();
$caps = apply_filters('types-access-cap', $caps, $area['id'], $group['id']);
foreach ($caps as $cap) {
do_action('types-access-process-ui-result', $area['id'], $group['id'], $cap['cap_id']);
}
}
}
$model = TAccess_Loader::get('MODEL/Access');
if (isset($_POST['types_access']) && !empty($_POST['types_access'])) {
$model->updateAccessMeta($post_id, sanitize_text_field($_POST['types_access']));
} else {
$model->deleteAccessMeta($post_id);
}
}
/**
* All AJAX calls go here.
*
* @todo auth
*/
function wpcf_ajax_embedded()
{
if (isset($_REQUEST['_typesnonce'])) {
if (!wp_verify_nonce($_REQUEST['_typesnonce'], '_typesnonce')) {
die('Verification failed (1)');
}
} else {
if (!isset($_REQUEST['_wpnonce']) || !wp_verify_nonce($_REQUEST['_wpnonce'], $_REQUEST['wpcf_action'])) {
die('Verification failed (2)');
}
}
global $wpcf;
switch ($_REQUEST['wpcf_action']) {
case 'insert_skype_button':
if (!current_user_can('edit_posts')) {
die('Authentication failed');
}
require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields/skype.php';
wpcf_fields_skype_meta_box_ajax();
break;
case 'editor_callback':
if (!current_user_can('edit_posts')) {
die('Authentication failed');
}
// Determine Field type and context
$views_meta = false;
$field_id = sanitize_text_field($_GET['field_id']);
// todo this could be written in like four lines
if (isset($_GET['field_type']) && $_GET['field_type'] == 'usermeta') {
// Group filter
wp_enqueue_script('suggest');
$field = types_get_field($field_id, 'usermeta');
$meta_type = 'usermeta';
} elseif (isset($_GET['field_type']) && $_GET['field_type'] == 'views-usermeta') {
$field = types_get_field($field_id, 'usermeta');
$meta_type = 'usermeta';
$views_meta = true;
} elseif (isset($_GET['field_type']) && $_GET['field_type'] == 'termmeta') {
// Group filter
wp_enqueue_script('suggest');
$field = types_get_field($field_id, 'termmeta');
$meta_type = 'termmeta';
} elseif (isset($_GET['field_type']) && $_GET['field_type'] == 'views-termmeta') {
$field = types_get_field($field_id, 'termmeta');
$meta_type = 'termmeta';
$views_meta = true;
} else {
$field = types_get_field($field_id);
$meta_type = 'postmeta';
}
$parent_post_id = isset($_GET['post_id']) ? intval($_GET['post_id']) : null;
$shortcode = isset($_GET['shortcode']) ? urldecode($_GET['shortcode']) : null;
$callback = isset($_GET['callback']) ? sanitize_text_field($_GET['callback']) : false;
if (!empty($field)) {
// Editor
WPCF_Loader::loadClass('editor');
$editor = new WPCF_Editor();
$editor->frame($field, $meta_type, $parent_post_id, $shortcode, $callback, $views_meta);
}
break;
case 'dismiss_message':
if (!is_user_logged_in()) {
die('Authentication failed');
}
if (isset($_GET['id'])) {
$messages = get_option('wpcf_dismissed_messages', array());
$messages[] = sanitize_text_field($_GET['id']);
update_option('wpcf_dismissed_messages', $messages);
}
break;
case 'pr_add_child_post':
global $current_user;
$output = '<tr>' . __('Passed wrong parameters', 'wpcf') . '</tr>';
$id = 0;
$target_post_type = isset($_GET['post_type_child']) ? sanitize_text_field($_GET['post_type_child']) : '';
$has_permissions = true;
if (class_exists('Access_Helper') && class_exists('TAccess_Loader') && $target_post_type != '') {
$model = TAccess_Loader::get('MODEL/Access');
$settings_access = $model->getAccessTypes();
if (isset($settings_access[$target_post_type])) {
$role = Access_Helper::wpcf_get_current_logged_user_role();
if ($role == '') {
$role = 'guest';
$user_level = 0;
}
if ($role != 'administrator') {
if ($role != 'guest') {
$user_level = Access_Helper::wpcf_get_current_logged_user_level($current_user);
}
$has_permissions = Access_Helper::wpcf_access_check_if_user_can($settings_access[$target_post_type]['permissions']['publish']['role'], $user_level);
}
} else {
if (!current_user_can('publish_posts')) {
$has_permissions = false;
}
}
} else {
if (!current_user_can('publish_posts')) {
$has_permissions = false;
}
}
if (!$has_permissions) {
$output = '<tr><td>' . __('You do not have rights to create new items', 'wpcf') . '</td></tr>';
} else {
if (isset($_GET['post_id']) && isset($_GET['post_type_child']) && isset($_GET['post_type_parent'])) {
$relationships = get_option('wpcf_post_relationship', array());
$parent_post_id = intval($_GET['post_id']);
$parent_post = get_post($parent_post_id);
if (!empty($parent_post->ID)) {
$post_type = sanitize_text_field($_GET['post_type_child']);
$parent_post_type = sanitize_text_field($_GET['post_type_parent']);
// @todo isset & error handling
$data = $relationships[$parent_post_type][$post_type];
/*
* Since Types 1.1.5
*
* We save new post
* CHECKPOINT
*/
$id = $wpcf->relationship->add_new_child($parent_post->ID, $post_type);
if (is_wp_error($id)) {
$output = '<tr>' . $id->get_error_message() . '</tr>';
} else {
/*
* Here we set Relationship
* CHECKPOINT
*/
$parent = get_post($parent_post_id);
$child = get_post($id);
if (!empty($parent->ID) && !empty($child->ID)) {
// Set post
$wpcf->post = $child;
// Set relationship :)
$wpcf->relationship->_set($parent, $child, $data);
// Render new row
$output = $wpcf->relationship->child_row($parent_post->ID, $id, $data);
} else {
$output = '<tr>' . __('Error creating post relationship', 'wpcf') . '</tr>';
}
}
} else {
$output = '<tr>' . __('Error getting parent post', 'wpcf') . '</tr>';
}
}
}
if (!defined('WPTOOLSET_FORMS_VERSION')) {
echo json_encode(array('output' => $output . wpcf_form_render_js_validation('#post', false), 'child_id' => $id));
} else {
echo json_encode(array('output' => $output, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data('post')), 'child_id' => $id));
}
break;
case 'pr_save_all':
ob_start();
// Try to catch any errors
$output = '';
if (current_user_can('edit_posts') && isset($_POST['post_id'])) {
$parent_id = intval($_POST['post_id']);
$post_type = sanitize_text_field($_POST['post_type']);
if (isset($_POST['wpcf_post_relationship'][$parent_id])) {
$children = wpcf_sanitize_post_realtionship_input((array) $_POST['wpcf_post_relationship'][$parent_id]);
$wpcf->relationship->save_children($parent_id, $children);
$output = $wpcf->relationship->child_meta_form($parent_id, strval($post_type));
}
}
if (!defined('WPTOOLSET_FORMS_VERSION')) {
// TODO Move to conditional
$output .= '<script type="text/javascript">wpcfConditionalInit();</script>';
}
wpcf_show_admin_messages('echo');
$errors = ob_get_clean();
if (!defined('WPTOOLSET_FORMS_VERSION')) {
echo json_encode(array('output' => $output, 'errors' => $errors));
} else {
echo json_encode(array('output' => $output, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data('post')), 'errors' => $errors));
}
break;
case 'pr_save_child_post':
ob_start();
// Try to catch any errors
$output = '';
if (current_user_can('edit_posts') && isset($_GET['post_id']) && isset($_GET['parent_id']) && isset($_GET['post_type_parent']) && isset($_GET['post_type_child']) && isset($_POST['wpcf_post_relationship'])) {
$parent_id = intval($_GET['parent_id']);
$child_id = intval($_GET['post_id']);
$parent_post_type = sanitize_text_field($_GET['post_type_parent']);
$child_post_type = sanitize_text_field($_GET['post_type_child']);
if (isset($_POST['wpcf_post_relationship'][$parent_id][$child_id])) {
$fields = wpcf_sanitize_post_relationship_input_fields((array) $_POST['wpcf_post_relationship'][$parent_id][$child_id]);
$wpcf->relationship->save_child($parent_id, $child_id, $fields);
$output = $wpcf->relationship->child_row($parent_id, $child_id, $wpcf->relationship->settings($parent_post_type, $child_post_type));
if (!defined('WPTOOLSET_FORMS_VERSION')) {
// TODO Move to conditional
$output .= '<script type="text/javascript">wpcfConditionalInit(\'#types-child-row-' . $child_id . '\');</script>';
}
}
}
wpcf_show_admin_messages('echo');
$errors = ob_get_clean();
if (!defined('WPTOOLSET_FORMS_VERSION')) {
echo json_encode(array('output' => $output, 'errors' => $errors));
} else {
echo json_encode(array('output' => $output, 'errors' => $errors, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data('post'))));
}
break;
case 'pr_delete_child_post':
require_once WPCF_EMBEDDED_ABSPATH . '/includes/post-relationship.php';
$output = 'Passed wrong parameters';
if (current_user_can('edit_posts') && isset($_GET['post_id'])) {
$output = wpcf_pr_admin_delete_child_item(intval($_GET['post_id']));
}
echo json_encode(array('output' => $output));
break;
case 'pr_pagination':
require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields.php';
require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields-post.php';
require_once WPCF_EMBEDDED_ABSPATH . '/includes/post-relationship.php';
$output = 'Passed wrong parameters';
if (current_user_can('edit_posts') && isset($_GET['post_id']) && isset($_GET['post_type'])) {
global $wpcf;
$parent = get_post(intval($_GET['post_id']));
$child_post_type = sanitize_text_field($_GET['post_type']);
if (!empty($parent->ID)) {
// Set post in loop
$wpcf->post = $parent;
// Save items_per_page
$wpcf->relationship->save_items_per_page($parent->post_type, $child_post_type, intval($_GET[$wpcf->relationship->items_per_page_option_name]));
$output = $wpcf->relationship->child_meta_form($parent->ID, $child_post_type);
}
}
if (!defined('WPTOOLSET_FORMS_VERSION')) {
echo json_encode(array('output' => $output));
} else {
echo json_encode(array('output' => $output, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data('post'))));
}
break;
case 'pr_sort':
$output = 'Passed wrong parameters';
if (current_user_can('edit_posts') && isset($_GET['field']) && isset($_GET['sort']) && isset($_GET['post_id']) && isset($_GET['post_type'])) {
$output = $wpcf->relationship->child_meta_form(intval($_GET['post_id']), sanitize_text_field($_GET['post_type']));
}
if (!defined('WPTOOLSET_FORMS_VERSION')) {
echo json_encode(array('output' => $output));
} else {
echo json_encode(array('output' => $output, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data('post'))));
}
break;
// Not used anywhere
/*case 'pr_sort_parent':
$output = 'Passed wrong parameters';
if ( isset( $_GET['field'] ) && isset( $_GET['sort'] ) && isset( $_GET['post_id'] ) && isset( $_GET['post_type'] ) ) {
$output = $wpcf->relationship->child_meta_form(
intval( $_GET['post_id'] ), strval( $_GET['post_type'] )
);
}
if ( !defined( 'WPTOOLSET_FORMS_VERSION' ) ) {
echo json_encode( array(
'output' => $output,
) );
} else {
echo json_encode( array(
'output' => $output,
'conditionals' => array('#post' => wptoolset_form_get_conditional_data( 'post' )),
) );
}
break;*/
/* Usermeta */
// Not used anywhere
/*case 'pr_sort_parent':
$output = 'Passed wrong parameters';
if ( isset( $_GET['field'] ) && isset( $_GET['sort'] ) && isset( $_GET['post_id'] ) && isset( $_GET['post_type'] ) ) {
$output = $wpcf->relationship->child_meta_form(
intval( $_GET['post_id'] ), strval( $_GET['post_type'] )
);
}
if ( !defined( 'WPTOOLSET_FORMS_VERSION' ) ) {
echo json_encode( array(
'output' => $output,
) );
} else {
echo json_encode( array(
'output' => $output,
'conditionals' => array('#post' => wptoolset_form_get_conditional_data( 'post' )),
) );
}
break;*/
/* Usermeta */
case 'um_repetitive_add':
if (isset($_GET['user_id'])) {
$user_id = $_GET['user_id'];
} else {
$user_id = wpcf_usermeta_get_user();
}
if (isset($_GET['field_id']) && current_user_can('edit_user', $user_id)) {
require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields.php';
require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields-post.php';
require_once WPCF_EMBEDDED_INC_ABSPATH . '/usermeta-post.php';
$field = wpcf_admin_fields_get_field(sanitize_text_field($_GET['field_id']), false, false, false, 'wpcf-usermeta');
global $wpcf;
$wpcf->usermeta_repeater->set($user_id, $field);
/*
*
* Force empty values!
*/
$wpcf->usermeta_repeater->cf['value'] = null;
$wpcf->usermeta_repeater->meta = null;
$form = $wpcf->usermeta_repeater->get_field_form(null, true);
echo json_encode(array('output' => wpcf_form_simple($form) . wpcf_form_render_js_validation('#your-profile', false)));
} else {
echo json_encode(array('output' => 'params missing'));
}
break;
case 'um_repetitive_delete':
if (isset($_POST['user_id']) && isset($_POST['field_id']) && current_user_can('edit_user', intval($_POST['user_id']))) {
require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields.php';
$user_id = intval($_POST['user_id']);
$field = wpcf_admin_fields_get_field(sanitize_text_field($_POST['field_id']), false, false, false, 'wpcf-usermeta');
$meta_id = intval($_POST['meta_id']);
if (!empty($field) && !empty($user_id) && !empty($meta_id)) {
/*
*
*
* Changed.
* Since Types 1.2
*/
global $wpcf;
$wpcf->usermeta_repeater->set($user_id, $field);
$wpcf->usermeta_repeater->delete($meta_id);
echo json_encode(array('output' => 'deleted'));
} else {
echo json_encode(array('output' => 'field or post not found'));
}
} else {
echo json_encode(array('output' => 'params missing'));
}
break;
/* End Usermeta */
/* End Usermeta */
case 'repetitive_add':
if (current_user_can('edit_posts') && isset($_GET['field_id'])) {
require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields.php';
require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields-post.php';
$field = wpcf_admin_fields_get_field(sanitize_text_field($_GET['field_id']));
$parent_post_id = intval($_GET['post_id']);
/*
* When post is new - post_id is 0
* We can safely set post_id to 1 cause
* values compared are filtered anyway.
*/
if ($parent_post_id == 0) {
$parent_post_id = 1;
}
$parent_post = get_post($parent_post_id);
global $wpcf;
$wpcf->repeater->set($parent_post, $field);
/*
*
* Force empty values!
*/
$wpcf->repeater->cf['value'] = null;
$wpcf->repeater->meta = null;
$form = $wpcf->repeater->get_field_form(null, true);
echo json_encode(array('output' => wpcf_form_simple($form) . wpcf_form_render_js_validation('#post', false)));
} else {
echo json_encode(array('output' => 'params missing'));
}
break;
case 'repetitive_delete':
if (current_user_can('edit_posts') && isset($_POST['post_id']) && isset($_POST['field_id'])) {
require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields.php';
$post_id = intval($_POST['post_id']);
$parent_post = get_post($post_id);
$field = wpcf_admin_fields_get_field(sanitize_text_field($_POST['field_id']));
$meta_id = intval($_POST['meta_id']);
if (!empty($field) && !empty($parent_post->ID) && !empty($meta_id)) {
/*
*
*
* Changed.
* Since Types 1.2
*/
global $wpcf;
$wpcf->repeater->set($parent_post, $field);
$wpcf->repeater->delete($meta_id);
echo json_encode(array('output' => 'deleted'));
} else {
echo json_encode(array('output' => 'field or post not found'));
}
} else {
echo json_encode(array('output' => 'params missing'));
}
break;
case 'wpcf_entry_search':
if (current_user_can('edit_posts') && isset($_REQUEST['post_type'])) {
$posts_per_page = apply_filters('wpcf_pr_belongs_post_numberposts', 10);
$args = array('posts_per_page' => apply_filters('wpcf_pr_belongs_post_posts_per_page', $posts_per_page), 'post_status' => apply_filters('wpcf_pr_belongs_post_status', array('publish', 'private')), 'post_type' => $_REQUEST['post_type'], 'suppress_filters' => 1);
if (isset($_REQUEST['s'])) {
$args['s'] = $_REQUEST['s'];
}
if (isset($_REQUEST['page']) && preg_match('/^\\d+$/', $_REQUEST['page'])) {
$args['paged'] = intval($_REQUEST['page']);
}
$the_query = new WP_Query($args);
$posts = array('items' => array(), 'total_count' => $the_query->found_posts, 'incomplete_results' => $the_query->found_posts > $posts_per_page, 'posts_per_page' => $posts_per_page);
if ($the_query->have_posts()) {
while ($the_query->have_posts()) {
$the_query->the_post();
$post_title = get_the_title();
if (empty($post_title)) {
$post_title = sprintf(__('[empty title] ID: %d', 'wpcf'), get_the_ID());
}
$posts['items'][] = array('ID' => get_the_ID(), 'post_title' => $post_title);
}
}
/* Restore original Post Data */
wp_reset_postdata();
echo json_encode($posts);
} else {
echo json_encode(array('output' => 'params missing'));
}
break;
case 'wpcf_entry_entry':
if (current_user_can('edit_posts') && isset($_REQUEST['p'])) {
$wpcf_post = get_post($_REQUEST['p'], ARRAY_A);
if (isset($wpcf_post['ID'])) {
$post_title = $wpcf_post['post_title'];
if (empty($post_title)) {
$post_title = sprintf(__('[empty title] ID: %d', 'wpcf'), $wpcf_post['ID']);
}
echo json_encode(array('ID' => $wpcf_post['ID'], 'post_title' => $wpcf_post['post_title']));
} else {
echo json_encode(array('output' => 'params missing'));
}
} else {
echo json_encode(array('output' => 'params missing'));
}
break;
default:
break;
}
if (function_exists('wpcf_ajax')) {
wpcf_ajax();
}
die;
}
public static function wpcf_delete_cap()
{
if (!current_user_can('manage_options')) {
_e('There are security problems. You do not have permissions.', 'wpcf-access');
die;
}
if (!isset($_POST['wpnonce']) || !wp_verify_nonce($_POST['wpnonce'], 'wpcf-access-error-pages')) {
die('verification failed');
}
$custom_caps = get_option('wpcf_access_custom_caps');
if (!is_array($custom_caps)) {
$custom_caps = array();
}
$output = '';
$edit_role = sanitize_text_field($_POST['edit_role']);
$model = TAccess_Loader::get('MODEL/Access');
$access_roles = $model->getAccessRoles();
$cap = sanitize_text_field($_POST['cap_name']);
$remove = sanitize_text_field($_POST['remove']);
$roles = '';
if ($remove == 0) {
foreach ($access_roles as $role => $role_info) {
if (isset($role_info['caps'][$cap]) && $role != $edit_role) {
$roles[] = $role;
}
}
if (is_array($roles)) {
$roles = implode(", ", $roles);
$output = '<div class="js-wpcf-removediv js-removediv_' . $cap . '">' . '<p>' . __('The following role(s) have this capability:', 'wpcf-access') . '</p>' . $roles;
$output .= '<p><button class="js-wpcf-remove-cap-cancel button" data-cap="' . $cap . '">' . __('Cancel', 'wpcf-access') . '</button> ' . '<button class="js-wpcf-remove-cap-anyway button-primary button" data-remove="1" data-object="' . sanitize_text_field($_POST['remove_div']) . '" data-cap="' . $cap . '">' . __('Delete anyway', 'wpcf-access') . '</button> ' . '<span class="ajax-loading spinner"></span>' . '</p></div>';
} else {
foreach ($access_roles as $role => $role_info) {
if (isset($role_info['caps'][$cap])) {
unset($access_roles[$role]['caps'][$cap]);
}
}
$model->updateAccessRoles($access_roles);
unset($custom_caps[$cap]);
update_option('wpcf_access_custom_caps', $custom_caps);
$output = 1;
}
} else {
foreach ($access_roles as $role => $role_info) {
if (isset($role_info['caps'][$cap])) {
unset($access_roles[$role]['caps'][$cap]);
}
}
$model->updateAccessRoles($access_roles);
unset($custom_caps[$cap]);
update_option('wpcf_access_custom_caps', $custom_caps);
$output = 1;
}
echo $output;
die;
}
function taccess_export($what)
{
TAccess_Loader::load('CLASS/XML_Processor');
$xmlstring = Access_XML_Processor::exportToXMLString($what);
return $xmlstring;
}
private static function importSettings($data, $options = array())
{
$model = TAccess_Loader::get('MODEL/Access');
$results = array('new' => 0, 'updated' => 0, 'deleted' => 0, 'failed' => 0, 'errors' => array());
$dataTypes = isset($data['types']);
$dataTax = isset($data['taxonomies']);
$data3 = isset($data['third_party']);
$custom_caps = isset($data['access_custom_caps']);
$custom_roles = isset($data['access_custom_roles']);
$diff = array();
$intersect = array();
$access_settings = array('types' => $model->getAccessTypes(), 'taxonomies' => $model->getAccessTaxonomies(), 'third_party' => $model->getAccessThirdParty());
if ($dataTypes) {
$diff['types'] = array_diff_key($data['types'], $access_settings['types']);
$intersect['types'] = array_intersect_key($data['types'], $access_settings['types']);
}
if ($dataTax) {
$diff['taxonomies'] = array_diff_key($data['taxonomies'], $access_settings['taxonomies']);
$intersect['taxonomies'] = array_intersect_key($data['taxonomies'], $access_settings['taxonomies']);
}
// apply filters for custom 3rd-party capabilities
if ($data3) {
$diff['third_party'] = array();
$intersect['third_party'] = array();
foreach ($data['third_party'] as $area => $adata) {
$data['third_party'][$area] = apply_filters('access_import_custom_capabilities_' . $area, $data['third_party'][$area], $area);
if (isset($access_settings['third_party'][$area])) {
$diff['third_party'][$area] = array_diff_key($data['third_party'][$area], $access_settings['third_party'][$area]);
$intersect['third_party'][$area] = array_intersect_key($data['third_party'][$area], $access_settings['third_party'][$area]);
} else {
$diff['third_party'][$area] = $data['third_party'][$area];
$intersect['third_party'][$area] = array();
}
}
}
//taccess_log(array('Before', $access_settings, $diff, $intersect));
// import / merge extra settings
// Types
if ($dataTypes) {
$access_settings['types'] = array_merge($access_settings['types'], $diff['types']);
$results['new'] += count($diff['types']);
}
// Taxonomies
if ($dataTax) {
$access_settings['taxonomies'] = array_merge($access_settings['taxonomies'], $diff['taxonomies']);
$results['new'] += count($diff['taxonomies']);
}
// Custom caps
if ($custom_caps) {
$existing_custom_caps = get_option('wpcf_access_custom_caps');
if (empty($existing_custom_caps) || !is_array($existing_custom_caps)) {
$existing_custom_caps = array();
}
if (isset($options['access-overwrite-existing-settings'])) {
$new_custom_caps = array_merge($data['access_custom_caps'], $existing_custom_caps);
} else {
$new_custom_caps = $data['access_custom_caps'];
}
update_option('wpcf_access_custom_caps', $new_custom_caps);
}
//Custom roles
if ($custom_roles) {
$access_roles = $model->getAccessRoles();
foreach ($data['access_custom_roles'] as $role => $role_info) {
if (isset($options['access-overwrite-existing-settings'])) {
remove_role($role);
}
$role_name = $role_info['name'];
if (isset($role_info['title'])) {
$role_name = $role_info['title'];
}
$capabilities = $role_info['capabilities'];
$success = add_role($role, $role_name, $capabilities);
if (!is_null($success)) {
$access_roles[$role] = array('name' => $role_name, 'caps' => $capabilities);
$model->updateAccessRoles($access_roles);
}
}
}
// Third-Party
if ($data3) {
if (!isset($access_settings['third_party'])) {
$access_settings['third_party'] = array();
}
foreach ($diff['third_party'] as $area => $adata) {
if (isset($access_settings['third_party'][$area])) {
$access_settings['third_party'][$area] = array_merge($access_settings['third_party'][$area], $diff['third_party'][$area]);
} else {
$access_settings['third_party'][$area] = $diff['third_party'][$area];
}
$results['new'] += count($diff['third_party'][$area]);
}
}
//taccess_log(array('Import Extra', $access_settings, $diff, $intersect));
// overwrite existing settings
if (isset($options['access-overwrite-existing-settings'])) {
if ($dataTypes) {
$access_settings['types'] = array_merge($access_settings['types'], $intersect['types']);
$results['updated'] += count($intersect['types']);
}
if ($dataTax) {
$access_settings['taxonomies'] = array_merge($access_settings['taxonomies'], $intersect['taxonomies']);
$results['updated'] += count($intersect['taxonomies']);
}
if ($data3) {
foreach ($access_settings['third_party'] as $area => $adata) {
if (isset($intersect['third_party'][$area])) {
$access_settings['third_party'][$area] = array_merge($access_settings['third_party'][$area], $intersect['third_party'][$area]);
$results['updated'] += count($intersect['third_party'][$area]);
}
}
}
}
//taccess_log(array('Overwrite', $access_settings, $diff, $intersect));
// remove not imported settings
if (isset($options['access-remove-not-included-settings'])) {
if ($dataTypes) {
$tmp = count($access_settings['types']);
$access_settings['types'] = array_intersect_key($access_settings['types'], $data['types']);
$results['deleted'] += $tmp - count($access_settings['types']);
}
if ($dataTax) {
//taccess_log(array($access_settings['taxonomies'], $data['taxonomies']));
$tmp = count($access_settings['taxonomies']);
$access_settings['taxonomies'] = array_intersect_key($access_settings['taxonomies'], $data['taxonomies']);
$results['deleted'] += $tmp - count($access_settings['taxonomies']);
//taccess_log(array($access_settings['taxonomies'], $data['taxonomies']));
}
if ($data3) {
foreach ($access_settings['third_party'] as $area => $adata) {
if (!isset($data['third_party'][$area])) {
//$tmp=count($access_settings['third_party'][$area]);
//$access_settings['third_party']=array_diff_key($access_settings['third_party'], $data['third_party']);
$results['deleted'] += 1;
//$tmp-count($access_settings['third_party'][$area]);
unset($access_settings['third_party'][$area]);
}
}
}
}
//taccess_log(array('Remove', $access_settings, $diff, $intersect));
// update settings
$model->updateAccessTypes($access_settings['types']);
$model->updateAccessTaxonomies($access_settings['taxonomies']);
$model->updateAccessThirdParty($access_settings['third_party']);
return $results;
}
public static function import_export_hook($action)
{
if (isset($_POST['access-export']) && wp_verify_nonce($_POST['access-export-form'], 'access-export-form')) {
TAccess_Loader::load('CLASS/XML_Processor');
Access_XML_Processor::exportToXML('all');
}
}