Esempio n. 1
 /**
  * Lazily fills the static asset and dependency registries.
  *
  * Each registry is populated only while it is still empty, so repeated
  * calls leave an already initialised registry untouched.
  */
 public static function _init_()
 {
     // Asset registry: handle => version / dependencies / path (plus optional
     // localization data), grouped by 'SCRIPT' and 'STYLE'.
     if (empty(self::$__assets__)) {
         $version = WPCF_ACCESS_VERSION;
         $base_url = TACCESS_ASSETS_URL;

         $dialog_texts = array(
             'wpcf_change_perms' => __("Change Permissions", 'wpcf-access'),
             'wpcf_close' => __("Close", 'wpcf-access'),
             'wpcf_cancel' => __("Cancel", 'wpcf-access'),
             'wpcf_group_exists' => __("Group already exists", 'wpcf-access'),
             'wpcf_assign_group' => __("Assign group", 'wpcf-access'),
             'wpcf_set_errors' => __("Set errors", 'wpcf-access'),
             'wpcf_error1' => __("Show 404 - page not found", 'wpcf-access'),
             'wpcf_error2' => __("Show Content Template", 'wpcf-access'),
             'wpcf_error3' => __("Show Page template", 'wpcf-access'),
             'wpcf_info1' => __("Template", 'wpcf-access'),
             'wpcf_info2' => __("PHP Template", 'wpcf-access'),
             'wpcf_info3' => __("PHP Archive", 'wpcf-access'),
             'wpcf_info4' => __("View Archive", 'wpcf-access'),
             'wpcf_info5' => __("Display: 'No posts found'", 'wpcf-access'),
             'wpcf_access_group' => __("Access group", 'wpcf-access'),
             'wpcf_custom_access_group' => __("Custom Access Group", 'wpcf-access'),
             'wpcf_add_group' => __("Add Group", 'wpcf-access'),
             'wpcf_modify_group' => __("Modify Group", 'wpcf-access'),
             'wpcf_remove_group' => __("Remove Group", 'wpcf-access'),
             'wpcf_role_permissions' => __("Role permissions", 'wpcf-access'),
             'wpcf_delete_role' => __("Delete role", 'wpcf-access'),
             'wpcf_save' => __("Save", 'wpcf-access'),
         );

         $help_box_texts = array(
             'wpv_dont_show_it_again' => __("Got it! Don't show this message again", 'wpcf-access'),
             'wpv_close' => __("Close", 'wpcf-access'),
         );

         $scripts = array(
             'wpcf-access-utils-dev' => array(
                 'version' => $version,
                 'dependencies' => array('jquery', 'wp-pointer'),
                 'path' => $base_url . '/js/utils.js',
             ),
             'types-suggest-dev' => array(
                 'version' => $version,
                 'dependencies' => array('jquery'),
                 'path' => $base_url . '/js/suggest.js',
             ),
             'wpcf-access-dev' => array(
                 'version' => $version,
                 'dependencies' => array('jquery', 'suggest', 'jquery-ui-dialog', 'jquery-ui-tabs', 'wp-pointer'),
                 'path' => $base_url . '/js/basic.js',
                 'localization_name' => 'wpcf_access_dialog_texts',
                 'localization_data' => $dialog_texts,
             ),
             'toolset-colorbox' => array(
                 'version' => $version,
                 'dependencies' => array('jquery'),
                 'path' => $base_url . '/common/res/js/jquery.colorbox-min.js',
             ),
             'views-utils-script' => array(
                 'version' => $version,
                 'dependencies' => array('jquery', 'underscore', 'backbone'),
                 'path' => $base_url . '/common/utility/js/utils.js',
                 'localization_name' => 'wpv_help_box_texts',
                 'localization_data' => $help_box_texts,
             ),
         );

         $styles = array(
             'font-awesome' => array(
                 'version' => $version,
                 'dependencies' => null,
                 'path' => $base_url . '/css/font-awesome.min.css',
             ),
             'types-debug' => array(
                 'version' => $version,
                 'dependencies' => null,
                 'path' => $base_url . '/css/pre.css',
             ),
             'types-suggest-dev' => array(
                 'version' => $version,
                 'dependencies' => null,
                 'path' => $base_url . '/css/suggest.css',
             ),
             'wpcf-access-dev' => array(
                 'version' => $version,
                 'dependencies' => array('font-awesome', 'wp-pointer', 'wp-jquery-ui-dialog'),
                 'path' => $base_url . '/css/basic.css',
             ),
             'toolset-colorbox' => array(
                 'version' => $version,
                 'dependencies' => null,
                 'path' => $base_url . '/css/colorbox.css',
             ),
             'notifications' => array(
                 'version' => $version,
                 'dependencies' => null,
                 'path' => $base_url . '/css/notifications.css',
             ),
             'wpcf-access-dialogs-css' => array(
                 'version' => $version,
                 'dependencies' => null,
                 'path' => $base_url . '/css/dialogs.css',
             ),
         );

         self::$__assets__ = array('SCRIPT' => $scripts, 'STYLE' => $styles);
     }

     // Dependency registry: alias => list of class name / file path pairs,
     // grouped by 'MODEL' and 'CLASS'. Paths are built from a plugin constant
     // and fixed file names only.
     if (empty(self::$__dependencies__)) {
         $includes = TACCESS_INCLUDES_PATH;

         $models = array(
             'Access' => array(array('class' => 'Access_Model', 'path' => $includes . '/Model.php')),
         );

         $classes = array(
             'XML_Processor' => array(array('class' => 'Access_XML_Processor', 'path' => $includes . '/XML_Processor.php')),
             'Updater' => array(array('class' => 'Access_Updater', 'path' => $includes . '/Updater.php')),
             'Helper' => array(array('class' => 'Access_Helper', 'path' => $includes . '/Helper.php')),
             'Admin' => array(array('class' => 'Access_Admin', 'path' => $includes . '/Admin.php')),
             'Admin_Edit' => array(array('class' => 'Access_Admin_Edit', 'path' => $includes . '/Admin_Edit.php')),
             'Ajax' => array(array('class' => 'Access_Ajax_Helper', 'path' => $includes . '/Ajax_Helper.php')),
             'Upload' => array(array('class' => 'Access_Upload_Helper', 'path' => $includes . '/Upload_Helper.php')),
             'Debug' => array(array('class' => 'Access_Debug', 'path' => $includes . '/Debug.php')),
             'Post' => array(array('class' => 'Access_Post_Helper', 'path' => $includes . '/Post_Helper.php')),
         );

         self::$__dependencies__ = array('MODEL' => $models, 'CLASS' => $classes);
     }
 }
Esempio n. 2
 /**
  * Migration step for 1.1.6: moves Access capability settings that are still
  * stored inside the Types post-type and taxonomy definitions into the
  * standalone Access settings, then records the step in self::$db_ver.
  *
  * An Access setting that already exists for a slug wins; the embedded copy
  * is removed from the Types definition either way.
  */
 private static function update_to_116()
 {
     $model = TAccess_Loader::get('MODEL/Access');
     $legacy_key = '_wpcf_access_capabilities';

     // Post types
     $access_by_type = $model->getAccessTypes();
     $type_definitions = $model->getWpcfTypes();
     foreach ($type_definitions as $slug => $definition) {
         if (!isset($definition[$legacy_key])) {
             continue;
         }
         // Keep an existing Access entry; only fill the gap from the Types copy.
         if (!isset($access_by_type[$slug])) {
             $access_by_type[$slug] = $definition[$legacy_key];
         }
         unset($type_definitions[$slug][$legacy_key]);
     }
     $model->updateWpcfTypes($type_definitions);
     $model->updateAccessTypes($access_by_type);
     unset($type_definitions, $access_by_type);

     // Taxonomies: same merge, separate storage.
     $access_by_taxonomy = $model->getAccessTaxonomies();
     $taxonomy_definitions = $model->getWpcfTaxonomies();
     foreach ($taxonomy_definitions as $slug => $definition) {
         if (!isset($definition[$legacy_key])) {
             continue;
         }
         if (!isset($access_by_taxonomy[$slug])) {
             $access_by_taxonomy[$slug] = $definition[$legacy_key];
         }
         unset($taxonomy_definitions[$slug][$legacy_key]);
     }
     $model->updateWpcfTaxonomies($taxonomy_definitions);
     $model->updateAccessTaxonomies($access_by_taxonomy);
     unset($taxonomy_definitions, $access_by_taxonomy);

     // Mark this migration as applied.
     self::$db_ver = array_merge(self::$db_ver, array('1.1.6' => 1));
 }
Esempio n. 3
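    /**
     * Builds the Access admin settings form and echoes it.
     *
     * Sections, in order: post types, taxonomies, third-party areas (collected
     * through the 'types-access-area', 'types-access-group' and
     * 'types-access-cap' filters), custom groups and custom roles. An
     * "On this page" shortcut menu and the collected notices are printed first.
     *
     * Slugs, labels, group titles, post meta and values returned by third-party
     * filters are escaped at the point where they are written into the markup,
     * so a stored title or label cannot inject HTML into this admin page.
     *
     * @param bool $enabled When false, the per-item controls are rendered disabled.
     * @return void
     */
    public static function wpcf_access_admin_edit_access($enabled = true)
    {
        global $wpcf_access;
        $model = TAccess_Loader::get('MODEL/Access');
        $roles = Access_Helper::wpcf_get_editable_roles();
        $shortcuts = array();
        $output = '';
        $output .= '<form id="wpcf_access_admin_form" method="post" action="">';
        $show_message = get_option('wpcf_hide_max_fields_message', 0);
        $fields_limit = ini_get('max_input_vars');
        if ($show_message == 0) {
            $fields_limit = 99999999999.0;
        }
        // NOTE(review): data-message keeps esc_js() because the script that reads it
        // is not visible here; esc_attr() is the usual escaper for an attribute value.
        $output .= '<input type="hidden" value="' . esc_attr((string) $fields_limit) . '" name="max_input_vars" id="js-max-input-vars"
        data-message="' . esc_js(__('The changes on this page may not save because it requires more input variables. Please modify the "max_input_vars" setting in your php.ini or .htaccess files to <!NUM!> or more.', 'wpcf-access')) . '"
        data-btn="' . esc_attr(__('Ok', 'wpcf-access')) . '"
        data-header="' . esc_attr(__('Warning', 'wpcf-access')) . '"
        data-hide_error="' . esc_attr(__("Don't show this message again", 'wpcf-access')) . '"
        />';
        $output .= '<div class="js-submit-button-all"><input type="submit" value="' . esc_attr(__('Save everything', 'wpcf-access')) . '" id="submit-999" class="wpcf-access-submit button-primary js-wpcf-access-submit"  /><span class="ajax-loading spinner"></span></div>';
        $output .= wp_nonce_field('wpcf-access-error-pages', 'wpcf-access-error-pages', true, false);
        $access_bypass_template = "<div class='error'><p>" . __("<strong>Warning:</strong> The %s <strong>%s</strong> uses the same name for singular name and plural name. Access can't control access to this object. Please use a different name for the singular and plural names.", 'wpcf-access') . "</p></div>";
        $access_conflict_template = "<div class='error'><p>" . __("<strong>Warning:</strong> The %s <strong>%s</strong> uses capability names that conflict with default Wordpress capabilities. Access can not manage this entity, try changing entity's name and / or slug", 'wpcf-access') . "</p></div>";
        $access_notices = '';

        // Types
        $settings_access = $model->getAccessTypes();
        $types = $model->getPostTypes();
        $types = Access_Helper::wpcf_object_to_array($types);
        foreach ($types as $type_slug => $type_data) {
            // filter types, excluding types that do not have different plural and singular names
            if (isset($type_data['__accessIsNameValid']) && !$type_data['__accessIsNameValid']) {
                $access_notices .= sprintf($access_bypass_template, __('Post Type', 'wpcf-access'), esc_html($type_data['labels']['singular_name']));
                unset($types[$type_slug]);
                continue;
            }
            if (isset($type_data['__accessIsCapValid']) && !$type_data['__accessIsCapValid']) {
                $access_notices .= sprintf($access_conflict_template, __('Post Type', 'wpcf-access'), esc_html($type_data['labels']['singular_name']));
                unset($types[$type_slug]);
                continue;
            }
            if (isset($settings_access[$type_slug])) {
                $types[$type_slug]['_wpcf_access_capabilities'] = $settings_access[$type_slug];
            }
            if (!empty($type_data['_wpcf_access_inherits_post_cap'])) {
                $types[$type_slug]['_wpcf_access_inherits_post_cap'] = 1;
            }
        }
        // Put Posts and Pages in front
        $temp = array('page', 'post');
        foreach ($temp as $t) {
            if (isset($types[$t])) {
                $clone = array($t => $types[$t]);
                unset($types[$t]);
                $types = $clone + $types;
            }
        }
        if (!empty($types)) {
            $output .= '<h3 class="wpcf-section-header">' . __('Post Types', 'wpcf-access') . '</h3>';
            foreach ($types as $type_slug => $type_data) {
                if ($type_data['public'] === 'hidden') {
                    continue;
                }
                if ($type_slug == 'view-template' || $type_slug == 'view' || $type_slug == 'cred-form' || $type_slug == 'cred-user-form') {
                    // Don't list Views and View templates separately.
                    // Don't list CRED form post types.
                    continue;
                }
                // Set data
                $mode = isset($type_data['_wpcf_access_capabilities']['mode']) ? $type_data['_wpcf_access_capabilities']['mode'] : 'not_managed';
                $container_class = 'is-enabled';
                if (!$enabled || $mode === 'not_managed') {
                    $container_class = '';
                }
                $output .= '<a name="' . esc_attr($type_slug) . '"></a>';
                // Shortcut entries are stored raw and escaped when the menu is rendered below.
                $shortcuts[__('Post Types', 'wpcf-access')][] = array($type_data['labels']['name'], $type_slug);
                $output .= '<div class="wpcf-access-type-item ' . $container_class . ' wpcf-access-post-type-name-' . esc_attr($type_slug) . ' js-wpcf-access-type-item">';
                $output .= '<h4>' . esc_html($type_data['labels']['name']) . '</h4>';
                $output .= '<div class="wpcf-access-mode">';
                $output .= '<p class="wpcf-access-mode-control"><label><input type="checkbox" class="js-wpcf-enable-access" value="permissions" ';
                if (!$enabled) {
                    $output .= 'disabled="disabled" readonly="readonly" ';
                }
                $output .= $mode != 'not_managed' ? 'checked="checked" />' : ' />';
                $output .= '<input type="hidden" class="js-wpcf-enable-set" ' . 'name="types_access[types][' . esc_attr($type_slug) . '][mode]" value="' . esc_attr($mode) . '" />';
                $output .= __('Managed by Access', 'wpcf-access') . '</label></p>';
                // Warning fallback
                if ((empty($type_data['_wpcf_access_outsider']) || !empty($type_data['_wpcf_access_inherits_post_cap'])) && !in_array($type_slug, array('post', 'page'))) {
                    $output .= '<div class="toolset-alert toolset-alert-warning warning-fallback js-warning-fallback"';
                    if ($mode != 'not_managed') {
                        $output .= ' style="display:none;"';
                    }
                    $output .= '>' . __('This post type will inherit the same access rights as the standard WordPress Post when not Managed by Access.', 'wpcf-access');
                    $output .= '</div>';
                }
                $permissions = !empty($type_data['_wpcf_access_capabilities']['permissions']) ? $type_data['_wpcf_access_capabilities']['permissions'] : array();
                $output .= self::wpcf_access_permissions_table($roles, $permissions, Access_Helper::wpcf_access_types_caps_predefined(), 'types', $type_slug, $enabled, $mode != 'not_managed', $settings_access, $type_data);
                $output .= '</div><!-- wpcf-access-mode -->';
                $output .= '<p class="wpcf-access-buttons-wrap">';
                $output .= self::wpcf_access_reset_button($type_slug, 'type', $enabled, $mode != 'not_managed');
                $output .= self::wpcf_access_submit_button($enabled, $mode != 'not_managed', $type_data['labels']['name']);
                $output .= '</p>';
                $args = array('posts_per_page' => -1, 'post_status' => 'publish', 'post_type' => array($type_slug), 'meta_query' => array(array('key' => '_wpcf_access_group')));
                $the_query = new WP_Query($args);
                if ($the_query->found_posts > 0) {
                    $used_groups = array();
                    $group_links = array();
                    while ($the_query->have_posts()) {
                        $the_query->the_post();
                        $ogroup = get_post_meta(get_the_ID(), '_wpcf_access_group', true);
                        if (!in_array($ogroup, $used_groups) && isset($settings_access[$ogroup]['title'])) {
                            $used_groups[] = $ogroup;
                            // The group id comes from post meta and the title from saved settings: escape both.
                            $group_links[] = '<a href="#' . esc_attr($ogroup) . '">' . esc_html($settings_access[$ogroup]['title']) . '</a>';
                        }
                    }
                    // the_post() overwrote the global post; restore it for the rest of the request.
                    wp_reset_postdata();
                    // Only show the notice when at least one referenced group still exists in the settings.
                    if (!empty($group_links)) {
                        $message = sprintf(__('Some %s may have different read access settings because they belong to these access groups: %s', 'wpcf-access'), esc_html($type_data['labels']['name']), implode(', ', $group_links));
                        $output .= '<div class="toolset-alert toolset-alert-info js-toolset-alert" style="display: block; opacity: 1; ">' . $message . '</div>';
                    }
                }
                if ($type_slug == 'attachment') {
                    $output .= '<div class="toolset-alert toolset-alert-info js-toolset-alert" style="display: block; opacity: 1; ">' . __('This section controls access to media-element pages and not to media that is included in posts and pages.', 'wpcf-access') . '</div>';
                }
                $output .= '<p class="wpcf-access-top-anchor"><a href="#wpcf-access-top-anchor">' . __('Back to Top', 'wpcf-access') . '</a></p>';
                $output .= '</div><!-- wpcf-access-type-item -->';
            }
        }
        // Taxonomies
        $supports_check = array();
        $settings_access = $model->getAccessTaxonomies();
        $taxonomies = $model->getTaxonomies();
        $taxonomies = Access_Helper::wpcf_object_to_array($taxonomies);
        foreach ($taxonomies as $tax_slug => $tax_data) {
            // filter taxonomies, excluding tax that do not have different plural and singular names
            if (isset($tax_data['__accessIsNameValid']) && !$tax_data['__accessIsNameValid']) {
                $access_notices .= sprintf($access_bypass_template, __('Taxonomy', 'wpcf-access'), esc_html($tax_data['labels']['singular_name']));
                unset($taxonomies[$tax_slug]);
                continue;
            }
            if (isset($tax_data['__accessIsCapValid']) && !$tax_data['__accessIsCapValid']) {
                $access_notices .= sprintf($access_conflict_template, __('Taxonomy', 'wpcf-access'), esc_html($tax_data['labels']['singular_name']));
                unset($taxonomies[$tax_slug]);
                continue;
            }
            $taxonomies[$tax_slug]['supports'] = array_flip($tax_data['object_type']);
            if (isset($settings_access[$tax_slug])) {
                $taxonomies[$tax_slug]['_wpcf_access_capabilities'] = $settings_access[$tax_slug];
            }
            if ($enabled) {
                // NOTE(review): $tax_data is the loop's by-value copy, so the 'supports' and
                // '_wpcf_access_capabilities' keys written to $taxonomies[$tax_slug] just above
                // are not visible through it. Confirm whether these reads were meant to use
                // $taxonomies[$tax_slug] instead.
                $mode = isset($tax_data['_wpcf_access_capabilities']['mode']) ? $tax_data['_wpcf_access_capabilities']['mode'] : 'follow';
                if (empty($tax_data['supports'])) {
                    continue;
                }
                foreach ($tax_data['supports'] as $supports_type => $true) {
                    if (!isset($types[$supports_type]['_wpcf_access_capabilities']['mode'])) {
                        continue;
                    }
                    $mode = $types[$supports_type]['_wpcf_access_capabilities']['mode'];
                    if (!isset($types[$supports_type]['_wpcf_access_capabilities'][$mode])) {
                        continue;
                    }
                    // md5 is used only as a grouping key for identical rule sets, not for security.
                    $supports_check[$tax_slug][md5($mode . serialize($types[$supports_type]['_wpcf_access_capabilities'][$mode]))][] = $types[$supports_type]['labels']['name'];
                }
            }
        }
        // Put Categories and Tags in front
        $temp = array('post_tag', 'category');
        foreach ($temp as $t) {
            if (isset($taxonomies[$t])) {
                $clone = array($t => $taxonomies[$t]);
                unset($taxonomies[$t]);
                $taxonomies = $clone + $taxonomies;
            }
        }
        if (!empty($taxonomies)) {
            $output .= '<h3 class="wpcf-section-header">' . __('Taxonomies', 'wpcf-access') . '</h3>';
            foreach ($taxonomies as $tax_slug => $tax_data) {
                $mode = 'not_managed';
                if ($tax_data['public'] === 'hidden') {
                    continue;
                }
                // Set data
                if (isset($tax_data['_wpcf_access_capabilities']['mode'])) {
                    $mode = $tax_data['_wpcf_access_capabilities']['mode'];
                } elseif ($enabled) {
                    $mode = Access_Helper::wpcf_access_get_taxonomy_mode($tax_slug, $mode);
                }
                // For built-in set default to 'not_managed'
                if (in_array($tax_slug, array('category', 'post_tag'))) {
                    $mode = isset($tax_data['_wpcf_access_capabilities']['mode']) ? $tax_data['_wpcf_access_capabilities']['mode'] : 'not_managed';
                }
                // Previously this reused whatever the last post type left in $container_class
                // (or an undefined variable when no post type was listed). Derive it per
                // taxonomy with the same rule the post-type section uses.
                $container_class = (!$enabled || $mode === 'not_managed') ? '' : 'is-enabled';
                $custom_data = Access_Helper::wpcf_access_tax_caps();
                if (isset($tax_data['_wpcf_access_capabilities']['permissions'])) {
                    foreach ($tax_data['_wpcf_access_capabilities']['permissions'] as $cap_slug => $cap_data) {
                        $custom_data[$cap_slug]['role'] = $cap_data['role'];
                        $custom_data[$cap_slug]['users'] = isset($cap_data['users']) ? $cap_data['users'] : array();
                    }
                }
                $output .= '<a name="' . esc_attr($tax_slug) . '"></a>';
                $shortcuts[__('Taxonomies', 'wpcf-access')][] = array($tax_data['labels']['name'], $tax_slug);
                $output .= '<div class="wpcf-access-type-item js-wpcf-access-type-item ' . $container_class . '">';
                $output .= '<h4>' . esc_html($tax_data['labels']['name']) . '</h4>';
                // Add warning if shared and settings are different
                $disable_same_as_parent = false;
                if ($enabled && isset($supports_check[$tax_slug]) && count($supports_check[$tax_slug]) > 1) {
                    // The message has a single placeholder; the post-type list the old code
                    // assembled was never printed, so it is no longer built.
                    $warning = '<br /><img src="' . TACCESS_ASSETS_URL . '/images/warning.png" style="position:relative;top:2px;" />' . sprintf(__('You need to manually set the access rules for taxonomy %s. That taxonomy is shared between several post types that have different access rules.', 'wpcf-access'), esc_html($tax_data['labels']['name']));
                    $output .= $warning;
                    $disable_same_as_parent = true;
                }
                $output .= '<div class="wpcf-access-mode">';
                // Managed checkbox - Custom taxonomies section
                $output .= '<p>';
                $output .= '<label><input type="checkbox" class="not-managed js-wpcf-enable-access" name="types_access[tax][' . esc_attr($tax_slug) . '][not_managed]" value="1"';
                if (!$enabled) {
                    $output .= ' disabled="disabled" readonly="readonly"';
                }
                $output .= $mode != 'not_managed' ? ' checked="checked"' : '';
                $output .= '/>' . __('Managed by Access', 'wpcf-access') . '</label>';
                $output .= '</p>';
                // 'Same as parent' checkbox
                $output .= '<p>';
                $output .= '<label><input type="checkbox" class="follow js-wpcf-follow-parent" name="types_access[tax][' . esc_attr($tax_slug) . '][mode]" value="follow"';
                if (!$enabled) {
                    $output .= ' disabled="disabled" readonly="readonly" checked="checked"';
                } elseif ($disable_same_as_parent) {
                    $output .= ' disabled="disabled" readonly="readonly"';
                } else {
                    $output .= $mode == 'follow' ? ' checked="checked"' : '';
                }
                $output .= ' />' . __('Same as Parent', 'wpcf-access') . '</label>';
                $output .= '</p>';
                $output .= '<div class="wpcf-access-mode-custom">';
                $output .= self::wpcf_access_permissions_table($roles, $custom_data, $custom_data, 'tax', $tax_slug, $enabled, $mode != 'not_managed', $settings_access);
                $output .= '</div>	<!-- .wpcf-access-mode-custom -->';
                $output .= '</div>	<!-- wpcf-access-mode -->';
                $output .= '<p class="wpcf-access-buttons-wrap">';
                $output .= self::wpcf_access_reset_button($tax_slug, 'tax', $enabled);
                $output .= self::wpcf_access_submit_button($enabled, $mode != 'not_managed', $tax_data['labels']['name']);
                $output .= '</p>';
                $output .= '<p class="wpcf-access-top-anchor"><a href="#wpcf-access-top-anchor">' . __('Back to Top', 'wpcf-access') . '</a></p>';
                $output .= '</div>	<!-- wpcf-access-type-item -->';
            }
        }
        // Allow 3rd party. Area and group names/ids are supplied by other plugins
        // through filters, so they are escaped like any other external value.
        $third_party = $model->getAccessThirdParty();
        $areas = apply_filters('types-access-area', array());
        foreach ($areas as $area) {
            // Do not allow 'types' ID
            if (in_array($area['id'], array('types', 'tax'))) {
                continue;
            }
            // make all groups of same area appear on same line in shortcuts
            $shortcuts[$area['name']] = array();
            $groups = apply_filters('types-access-group', array(), $area['id']);
            if (!is_array($groups) || empty($groups)) {
                continue;
            }
            $output .= '<h3 class="wpcf-section-header">' . esc_html($area['name']) . '</h3>';
            foreach ($groups as $group) {
                $shortcuts[$area['name']][] = array($group['name'], $group['id']);
                $output .= '<a name="' . esc_attr($group['id']) . '"></a>';
                $output .= '<div class="wpcf-access-type-item js-wpcf-access-type-item">';
                $output .= '<h4>' . esc_html($group['name']) . '</h4>';
                $output .= '<div class="wpcf-access-mode">';
                $caps = array();
                $caps_filter = apply_filters('types-access-cap', array(), $area['id'], $group['id']);
                $saved_data = array();
                foreach ($caps_filter as $cap_slug => $cap) {
                    $caps[$cap['cap_id']] = $cap;
                    if (isset($cap['default_role'])) {
                        $caps[$cap['cap_id']]['role'] = $cap['role'] = $cap['default_role'];
                    }
                    $saved_data[$cap['cap_id']] = isset($third_party[$area['id']][$group['id']]['permissions'][$cap['cap_id']]) ? $third_party[$area['id']][$group['id']]['permissions'][$cap['cap_id']] : array('role' => $cap['role']);
                }
                // Add registered via other hook
                if (!empty($wpcf_access->third_party[$area['id']][$group['id']]['permissions'])) {
                    foreach ($wpcf_access->third_party[$area['id']][$group['id']]['permissions'] as $cap_slug => $cap) {
                        // Don't allow duplicates
                        if (isset($caps[$cap['cap_id']])) {
                            unset($wpcf_access->third_party[$area['id']][$group['id']]['permissions'][$cap_slug]);
                            continue;
                        }
                        $saved_data[$cap['cap_id']] = $cap['saved_data'];
                        $caps[$cap['cap_id']] = $cap;
                    }
                }
                // NOTE(review): $cap here is whatever the loops above left behind (possibly from
                // a previous group), and this call passes one argument fewer than the other
                // wpcf_access_permissions_table() calls, which puts $settings_access where they
                // pass the "managed" flag. Both are kept as found; confirm against the
                // method's signature.
                if (!(isset($cap['style']) && $cap['style'] == 'dropdown')) {
                    $output .= self::wpcf_access_permissions_table($roles, $saved_data, $caps, $area['id'], $group['id'], true, $settings_access);
                }
                $output .= '<p class="wpcf-access-buttons-wrap">';
                $output .= self::wpcf_access_submit_button($enabled, true, $group['name']);
                $output .= '</p>';
                $output .= '</div>	<!-- .wpcf-access-mode -->';
                $output .= '<p class="wpcf-access-top-anchor"><a href="#wpcf-access-top-anchor">' . __('Back to Top', 'wpcf-access') . '</a></p>';
                $output .= '</div>	<!-- .wpcf-access-type-item -->';
            }
        }
        // Custom Groups
        $settings_access = $model->getAccessTypes();
        $show_section_header = true;
        if (is_array($settings_access) && !empty($settings_access)) {
            foreach ($settings_access as $group_slug => $group_data) {
                if (strpos($group_slug, 'wpcf-custom-group-') !== 0) {
                    continue;
                }
                if ($show_section_header) {
                    $output .= '<h3 class="wpcf-section-header">' . __('Custom groups', 'wpcf-access') . '</h3>';
                    $show_section_header = false;
                }
                $group_div_id = str_replace('%', '', $group_slug);
                // Build the group fresh for every iteration. The old code only set 'name' and
                // read 'id' from the last third-party group (or from nothing), so the anchor and
                // the permissions table were keyed by the wrong id. The post-type notices link
                // to "#<group slug>", so the slug is the id.
                $group = array('id' => $group_slug, 'name' => $group_data['title']);
                $shortcuts['Custom Groups'][] = array($group['name'], $group['id']);
                $output .= '<a name="' . esc_attr($group['id']) . '"></a>';
                $output .= '<div class="wpcf-access-custom-group wpcf-access-type-item is-enabled js-wpcf-access-type-item" id="js-box-' . esc_attr($group_div_id) . '">';
                // Group titles are entered by users: escape before printing.
                $output .= '<h4>' . esc_html($group['name']) . '</h4>';
                $output .= '<div class="wpcf-access-mode">';
                $saved_data = array();
                // Add registered via other hook
                if (!empty($group_data['permissions'])) {
                    $saved_data['read'] = $group_data['permissions']['read'];
                }
                $def = array('read' => array('title' => 'Read', 'role' => 'guest', 'predefined' => 'read', 'cap_id' => 'group'));
                $output .= self::wpcf_access_permissions_table($roles, $saved_data, $def, 'types', $group['id'], $enabled, 'permissions', $settings_access);
                $output .= '<p class="wpcf-access-buttons-wrap">';
                $output .= '<span class="ajax-loading spinner"></span>';
                $output .= '<input data-group="' . esc_attr($group_slug) . '" data-groupdiv="' . esc_attr($group_div_id) . '" type="button" value="' . esc_attr(__('Modify Group', 'wpcf-access')) . '"  class="js-wpcf-modify-group button-secondary" /> ';
                $output .= '<input data-group="' . esc_attr($group_slug) . '" data-groupdiv="' . esc_attr($group_div_id) . '"  type="button" value="' . esc_attr(__('Remove Group', 'wpcf-access')) . '"  class="js-wpcf-remove-group button-secondary" /> ';
                $output .= self::wpcf_access_submit_button($enabled, true, $group['name']);
                $output .= '</p>';
                $output .= '<input type="hidden" name="groupvalue-' . esc_attr($group_slug) . '" value="' . esc_attr($group_data['title']) . '">';
                $output .= '</div>	<!-- .wpcf-access-mode  -->';
                $output .= '</div>	<!-- .wpcf-access-custom-group -->';
            }
        }
        $output .= '<button data-label="' . esc_attr(__('Add Group', 'wpcf-access')) . '" value="' . esc_attr(__('Add custom group', 'wpcf-access')) . '" class="button button-large button-secondary wpcf-add-new-access-group js-wpcf-add-new-access-group"><i class="icon-plus"></i>' . __('Add custom group', 'wpcf-access') . '</button>';
        // Custom roles
        $output .= '<a id="custom-roles" name="custom-roles"></a>';
        $output .= '<h3>' . __('Custom Roles', 'wpcf-access') . '</h3>';
        $output .= self::wpcf_access_admin_set_custom_roles_level_form($roles, $enabled);
        // Nonce for the save request; the handler for 'wpcf_access_save_settings' is
        // expected to verify it (not visible here).
        $output .= wp_nonce_field('wpcf-access-edit', '_wpnonce', true, false);
        $output .= '<input type="hidden" name="action" value="wpcf_access_save_settings" />';
        $output .= '<div class="js-submit-button-all"><input type="submit" value="' . esc_attr(__('Save everything', 'wpcf-access')) . '" id="submit-999" class="wpcf-access-submit button-primary js-wpcf-access-submit"  /><span class="ajax-loading spinner"></span></div>';
        $output .= '</form>';
        $output .= '<p class="wpcf-access-top-anchor anchor-floated"><a href="#wpcf-access-top-anchor">' . __('Back to Top', 'wpcf-access') . '</a></p>';
        $output .= self::wpcf_access_new_role_form($enabled);
        $shortcuts[__('Custom Roles', 'wpcf-access')] = array(array(__('Custom Roles', 'wpcf-access'), "custom-roles"));
        // Shortcuts
        $shortmenus = '';
        if (!empty($shortcuts)) {
            $shortmenus .= '<p class="wpcf-access-top-anchor"><a name="wpcf-access-top-anchor" id="wpcf-access-top-anchor"></a></p>';
            //TODO: check anchor text
            $shortmenus .= '<h3>' . __('On this page', 'wpcf-access') . '</h3>';
            foreach ($shortcuts as $section => $items) {
                $shortmenu = '';
                if (!empty($items)) {
                    // Section names and items include third-party area/group names and
                    // user-entered group titles, so escape them here at output time.
                    $shortmenu .= '<div class="wpcf-access-shortcuts-wrappet">
								<span class="wpcf-access-shortcut-section">' . esc_html($section) . '</span>: ';
                    foreach ($items as $item) {
                        $shortmenu .= '<a href="#' . esc_attr($item[1]) . '" class="wpcf-access-shortcuts">' . esc_html($item[0]) . '</a>';
                    }
                    $shortmenus .= rtrim($shortmenu, ',') . '
							</div>';
                }
            }
        }
        // Link to wp-types.com Access home URL
        $link_to_manual = '<a href="http://wp-types.com/documentation/user-guides/?utm_source=accessplugin&utm_campaign=access&utm_medium=access-edit&utm_term=Access manuals#Access" title="' . __('Access Manuals &raquo;', 'wpcf-access') . '" target="_blank" ' . 'class="wpcf-access-link-to-manual" style="display:block;font-weight:bold;background-image: url(\'' . TACCESS_ASSETS_URL . '/images/question.png\');background-repeat: no-repeat;text-indent: 18px;">' . __('Access Manuals &raquo;', 'wpcf-access') . '</a>';
        echo $link_to_manual . '<div id="wpcf_access_notices">' . $access_notices . '</div>' . $shortmenus . $output;
    }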
Esempio n. 4
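 /**
  * Save post hook.
  *
  * Fires 'types-access-process-ui-result' for every capability of every UI
  * group of every Access area, then stores the submitted 'types_access' value
  * as the post's Access meta, or deletes that meta when nothing was submitted.
  *
  * The meta is only touched for a real save by a user who may edit the post:
  * autosaves and revisions do not carry the field, and treating its absence
  * as "remove" would silently drop the post's Access setting.
  *
  * NOTE(review): no nonce is verified here because the field that renders
  * 'types_access' is not visible in this block; the save path should check
  * the nonce that the meta box emits.
  *
  * @param int $post_id ID of the post being saved.
  */
 public static function wpcf_access_post_save($post_id)
 {
     $areas = Access_Helper::wpcf_access_get_areas();
     foreach ($areas as $area) {
         $groups = apply_filters('types-access-show-ui-group', array(), $area['id']);
         foreach ($groups as $group) {
             $caps = apply_filters('types-access-cap', array(), $area['id'], $group['id']);
             foreach ($caps as $cap) {
                 do_action('types-access-process-ui-result', $area['id'], $group['id'], $cap['cap_id']);
             }
         }
     }

     // Autosaves and revisions never include the Access field; leave the meta alone.
     if ((defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) || wp_is_post_revision($post_id)) {
         return;
     }
     // Request data is untrusted: only a user allowed to edit this post may change
     // or clear its Access meta.
     if (!current_user_can('edit_post', $post_id)) {
         return;
     }

     $model = TAccess_Loader::get('MODEL/Access');
     // WordPress adds slashes to $_POST; remove them before sanitizing. A non-string
     // value (e.g. an array) is treated as "nothing submitted".
     $submitted = isset($_POST['types_access']) ? wp_unslash($_POST['types_access']) : '';
     $value = is_string($submitted) ? sanitize_text_field($submitted) : '';
     if (!empty($value)) {
         $model->updateAccessMeta($post_id, $value);
     } else {
         $model->deleteAccessMeta($post_id);
     }
 }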
Esempio n. 5
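/**
 * Dispatch every Types embedded AJAX request by its `wpcf_action` parameter.
 *
 * Verification happens in two layers:
 *  - CSRF: either the shared `_typesnonce` nonce (one nonce for all actions)
 *    or a `_wpnonce` created for the specific `wpcf_action` must verify.
 *  - Authorization: a valid nonce only ties the request to a page issued to
 *    this user. It grants nothing, so every case performs its own capability
 *    check before touching data.
 *
 * Each case echoes its response (mostly JSON). After the switch, wpcf_ajax()
 * is called when it exists, and the request always ends with die.
 *
 * @todo auth: most cases rely on the generic 'edit_posts' capability and do
 *       not check the specific post named in the request. See the
 *       NOTE(review) comments on the individual cases.
 */
function wpcf_ajax_embedded()
{
    // Normalise the action once: it serves as nonce action and as dispatch key.
    $wpcf_action = isset($_REQUEST['wpcf_action']) && is_string($_REQUEST['wpcf_action']) ? $_REQUEST['wpcf_action'] : '';
    if (isset($_REQUEST['_typesnonce'])) {
        if (!wp_verify_nonce($_REQUEST['_typesnonce'], '_typesnonce')) {
            die('Verification failed (1)');
        }
    } else {
        // The per-action nonce is only meaningful when an action was actually named.
        if ($wpcf_action === '' || !isset($_REQUEST['_wpnonce']) || !wp_verify_nonce($_REQUEST['_wpnonce'], $wpcf_action)) {
            die('Verification failed (2)');
        }
    }
    global $wpcf;
    switch ($wpcf_action) {
        case 'insert_skype_button':
            if (!current_user_can('edit_posts')) {
                die('Authentication failed');
            }
            require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields/skype.php';
            wpcf_fields_skype_meta_box_ajax();
            break;
        case 'editor_callback':
            if (!current_user_can('edit_posts')) {
                die('Authentication failed');
            }
            // Determine Field type and context
            $views_meta = false;
            $field_id = isset($_GET['field_id']) ? sanitize_text_field($_GET['field_id']) : '';
            $field_type = isset($_GET['field_type']) && is_string($_GET['field_type']) ? $_GET['field_type'] : '';
            switch ($field_type) {
                case 'usermeta':
                case 'termmeta':
                    // Group filter
                    wp_enqueue_script('suggest');
                    $meta_type = $field_type;
                    break;
                case 'views-usermeta':
                case 'views-termmeta':
                    $meta_type = substr($field_type, strlen('views-'));
                    $views_meta = true;
                    break;
                default:
                    $meta_type = 'postmeta';
                    break;
            }
            $field = $meta_type === 'postmeta' ? types_get_field($field_id) : types_get_field($field_id, $meta_type);
            $parent_post_id = isset($_GET['post_id']) ? intval($_GET['post_id']) : null;
            // NOTE(review): PHP has already URL-decoded $_GET, so this decodes a second
            // time, and the value reaches the editor frame unsanitized. Confirm that
            // WPCF_Editor::frame() escapes it on output.
            $shortcode = isset($_GET['shortcode']) ? urldecode($_GET['shortcode']) : null;
            $callback = isset($_GET['callback']) ? sanitize_text_field($_GET['callback']) : false;
            if (!empty($field)) {
                // Editor
                WPCF_Loader::loadClass('editor');
                $editor = new WPCF_Editor();
                $editor->frame($field, $meta_type, $parent_post_id, $shortcode, $callback, $views_meta);
            }
            break;
        case 'dismiss_message':
            if (!is_user_logged_in()) {
                die('Authentication failed');
            }
            if (isset($_GET['id'])) {
                $messages = get_option('wpcf_dismissed_messages', array());
                if (!is_array($messages)) {
                    $messages = array();
                }
                $dismissed_id = sanitize_text_field($_GET['id']);
                // Any logged-in user can reach this case; store each id once so
                // repeated requests cannot grow the option with duplicates.
                if ($dismissed_id !== '' && !in_array($dismissed_id, $messages, true)) {
                    $messages[] = $dismissed_id;
                    update_option('wpcf_dismissed_messages', $messages);
                }
            }
            break;
        case 'pr_add_child_post':
            global $current_user;
            $output = '<tr>' . __('Passed wrong parameters', 'wpcf') . '</tr>';
            $id = 0;
            $target_post_type = isset($_GET['post_type_child']) ? sanitize_text_field($_GET['post_type_child']) : '';
            $has_permissions = true;
            // Defined up front so the Access check below never reads an unset variable.
            $user_level = 0;
            if (class_exists('Access_Helper') && class_exists('TAccess_Loader') && $target_post_type != '') {
                $model = TAccess_Loader::get('MODEL/Access');
                $settings_access = $model->getAccessTypes();
                if (isset($settings_access[$target_post_type])) {
                    // Post type is managed by Access: use its 'publish' permission.
                    $role = Access_Helper::wpcf_get_current_logged_user_role();
                    if ($role == '') {
                        $role = 'guest';
                    }
                    if ($role != 'administrator') {
                        if ($role != 'guest') {
                            $user_level = Access_Helper::wpcf_get_current_logged_user_level($current_user);
                        }
                        $has_permissions = Access_Helper::wpcf_access_check_if_user_can($settings_access[$target_post_type]['permissions']['publish']['role'], $user_level);
                    }
                } else {
                    $has_permissions = current_user_can('publish_posts');
                }
            } else {
                $has_permissions = current_user_can('publish_posts');
            }
            if (!$has_permissions) {
                $output = '<tr><td>' . __('You do not have rights to create new items', 'wpcf') . '</td></tr>';
            } elseif (isset($_GET['post_id']) && isset($_GET['post_type_child']) && isset($_GET['post_type_parent'])) {
                $relationships = get_option('wpcf_post_relationship', array());
                $parent_post_id = intval($_GET['post_id']);
                $parent_post = get_post($parent_post_id);
                // NOTE(review): the permission check above covers the child post type only;
                // whether the user may edit this particular parent post is not checked.
                if (!empty($parent_post->ID)) {
                    $post_type = $target_post_type;
                    $parent_post_type = sanitize_text_field($_GET['post_type_parent']);
                    // Only create a child when a relationship between the two requested
                    // post types is actually configured. Otherwise the request could
                    // create posts of an arbitrary type.
                    if (isset($relationships[$parent_post_type][$post_type])) {
                        $data = $relationships[$parent_post_type][$post_type];
                        /*
                         * Since Types 1.1.5
                         *
                         * We save new post
                         * CHECKPOINT
                         */
                        $id = $wpcf->relationship->add_new_child($parent_post->ID, $post_type);
                        if (is_wp_error($id)) {
                            $output = '<tr>' . $id->get_error_message() . '</tr>';
                        } else {
                            /*
                             * Here we set Relationship
                             * CHECKPOINT
                             */
                            $parent = get_post($parent_post_id);
                            $child = get_post($id);
                            if (!empty($parent->ID) && !empty($child->ID)) {
                                // Set post
                                $wpcf->post = $child;
                                // Set relationship
                                $wpcf->relationship->_set($parent, $child, $data);
                                // Render new row
                                $output = $wpcf->relationship->child_row($parent_post->ID, $id, $data);
                            } else {
                                $output = '<tr>' . __('Error creating post relationship', 'wpcf') . '</tr>';
                            }
                        }
                    }
                } else {
                    $output = '<tr>' . __('Error getting parent post', 'wpcf') . '</tr>';
                }
            }
            if (!defined('WPTOOLSET_FORMS_VERSION')) {
                echo json_encode(array('output' => $output . wpcf_form_render_js_validation('#post', false), 'child_id' => $id));
            } else {
                echo json_encode(array('output' => $output, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data('post')), 'child_id' => $id));
            }
            break;
        case 'pr_save_all':
            ob_start();
            // Try to catch any errors
            $output = '';
            // NOTE(review): only the generic 'edit_posts' capability is required; the
            // child ids inside the submitted array are not checked individually here.
            if (current_user_can('edit_posts') && isset($_POST['post_id'])) {
                $parent_id = intval($_POST['post_id']);
                $post_type = isset($_POST['post_type']) ? sanitize_text_field($_POST['post_type']) : '';
                if (isset($_POST['wpcf_post_relationship'][$parent_id])) {
                    $children = wpcf_sanitize_post_realtionship_input((array) $_POST['wpcf_post_relationship'][$parent_id]);
                    $wpcf->relationship->save_children($parent_id, $children);
                    $output = $wpcf->relationship->child_meta_form($parent_id, strval($post_type));
                }
            }
            if (!defined('WPTOOLSET_FORMS_VERSION')) {
                // TODO Move to conditional
                $output .= '<script type="text/javascript">wpcfConditionalInit();</script>';
            }
            wpcf_show_admin_messages('echo');
            $errors = ob_get_clean();
            if (!defined('WPTOOLSET_FORMS_VERSION')) {
                echo json_encode(array('output' => $output, 'errors' => $errors));
            } else {
                echo json_encode(array('output' => $output, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data('post')), 'errors' => $errors));
            }
            break;
        case 'pr_save_child_post':
            ob_start();
            // Try to catch any errors
            $output = '';
            if (current_user_can('edit_posts') && isset($_GET['post_id']) && isset($_GET['parent_id']) && isset($_GET['post_type_parent']) && isset($_GET['post_type_child']) && isset($_POST['wpcf_post_relationship'])) {
                $parent_id = intval($_GET['parent_id']);
                $child_id = intval($_GET['post_id']);
                $parent_post_type = sanitize_text_field($_GET['post_type_parent']);
                $child_post_type = sanitize_text_field($_GET['post_type_child']);
                // The fields are written to one specific child post, so require the
                // right to edit that post and not merely posts in general.
                if (current_user_can('edit_post', $child_id) && isset($_POST['wpcf_post_relationship'][$parent_id][$child_id])) {
                    $fields = wpcf_sanitize_post_relationship_input_fields((array) $_POST['wpcf_post_relationship'][$parent_id][$child_id]);
                    $wpcf->relationship->save_child($parent_id, $child_id, $fields);
                    $output = $wpcf->relationship->child_row($parent_id, $child_id, $wpcf->relationship->settings($parent_post_type, $child_post_type));
                    if (!defined('WPTOOLSET_FORMS_VERSION')) {
                        // TODO Move to conditional
                        $output .= '<script type="text/javascript">wpcfConditionalInit(\'#types-child-row-' . $child_id . '\');</script>';
                    }
                }
            }
            wpcf_show_admin_messages('echo');
            $errors = ob_get_clean();
            if (!defined('WPTOOLSET_FORMS_VERSION')) {
                echo json_encode(array('output' => $output, 'errors' => $errors));
            } else {
                echo json_encode(array('output' => $output, 'errors' => $errors, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data('post'))));
            }
            break;
        case 'pr_delete_child_post':
            require_once WPCF_EMBEDDED_ABSPATH . '/includes/post-relationship.php';
            $output = 'Passed wrong parameters';
            if (current_user_can('edit_posts') && isset($_GET['post_id'])) {
                $child_id = intval($_GET['post_id']);
                // Deletion is destructive and the helper's own permission checks are
                // not visible from here, so enforce the per-post capability at this boundary.
                if (current_user_can('delete_post', $child_id)) {
                    $output = wpcf_pr_admin_delete_child_item($child_id);
                }
            }
            echo json_encode(array('output' => $output));
            break;
        case 'pr_pagination':
            require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields.php';
            require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields-post.php';
            require_once WPCF_EMBEDDED_ABSPATH . '/includes/post-relationship.php';
            $output = 'Passed wrong parameters';
            if (current_user_can('edit_posts') && isset($_GET['post_id']) && isset($_GET['post_type'])) {
                $parent = get_post(intval($_GET['post_id']));
                $child_post_type = sanitize_text_field($_GET['post_type']);
                if (!empty($parent->ID)) {
                    // Set post in loop
                    $wpcf->post = $parent;
                    // Save items_per_page
                    $per_page_key = $wpcf->relationship->items_per_page_option_name;
                    $items_per_page = isset($_GET[$per_page_key]) ? intval($_GET[$per_page_key]) : 0;
                    $wpcf->relationship->save_items_per_page($parent->post_type, $child_post_type, $items_per_page);
                    $output = $wpcf->relationship->child_meta_form($parent->ID, $child_post_type);
                }
            }
            if (!defined('WPTOOLSET_FORMS_VERSION')) {
                echo json_encode(array('output' => $output));
            } else {
                echo json_encode(array('output' => $output, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data('post'))));
            }
            break;
        case 'pr_sort':
            $output = 'Passed wrong parameters';
            // 'field' and 'sort' are only checked for presence here; they are not
            // passed on explicitly by this case.
            if (current_user_can('edit_posts') && isset($_GET['field']) && isset($_GET['sort']) && isset($_GET['post_id']) && isset($_GET['post_type'])) {
                $output = $wpcf->relationship->child_meta_form(intval($_GET['post_id']), sanitize_text_field($_GET['post_type']));
            }
            if (!defined('WPTOOLSET_FORMS_VERSION')) {
                echo json_encode(array('output' => $output));
            } else {
                echo json_encode(array('output' => $output, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data('post'))));
            }
            break;
        // The unused 'pr_sort_parent' case was kept only as commented-out code; it
        // carried no capability check and is intentionally not restored.
        /* Usermeta */
        case 'um_repetitive_add':
            // Cast the id before the capability check so the value that is
            // authorized is the same integer that is used afterwards.
            if (isset($_GET['user_id'])) {
                $user_id = is_scalar($_GET['user_id']) ? intval($_GET['user_id']) : 0;
            } else {
                $user_id = wpcf_usermeta_get_user();
            }
            if (isset($_GET['field_id']) && current_user_can('edit_user', $user_id)) {
                require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields.php';
                require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields-post.php';
                require_once WPCF_EMBEDDED_INC_ABSPATH . '/usermeta-post.php';
                $field = wpcf_admin_fields_get_field(sanitize_text_field($_GET['field_id']), false, false, false, 'wpcf-usermeta');
                $wpcf->usermeta_repeater->set($user_id, $field);
                /*
                 * Force empty values!
                 */
                $wpcf->usermeta_repeater->cf['value'] = null;
                $wpcf->usermeta_repeater->meta = null;
                $form = $wpcf->usermeta_repeater->get_field_form(null, true);
                echo json_encode(array('output' => wpcf_form_simple($form) . wpcf_form_render_js_validation('#your-profile', false)));
            } else {
                echo json_encode(array('output' => 'params missing'));
            }
            break;
        case 'um_repetitive_delete':
            if (isset($_POST['user_id']) && isset($_POST['field_id']) && current_user_can('edit_user', intval($_POST['user_id']))) {
                require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields.php';
                $user_id = intval($_POST['user_id']);
                $field = wpcf_admin_fields_get_field(sanitize_text_field($_POST['field_id']), false, false, false, 'wpcf-usermeta');
                $meta_id = isset($_POST['meta_id']) ? intval($_POST['meta_id']) : 0;
                if (!empty($field) && !empty($user_id) && !empty($meta_id)) {
                    /*
                     * Changed.
                     * Since Types 1.2
                     */
                    // NOTE(review): confirm the repeater's delete() verifies that $meta_id
                    // belongs to $user_id; that is not visible from this function.
                    $wpcf->usermeta_repeater->set($user_id, $field);
                    $wpcf->usermeta_repeater->delete($meta_id);
                    echo json_encode(array('output' => 'deleted'));
                } else {
                    echo json_encode(array('output' => 'field or post not found'));
                }
            } else {
                echo json_encode(array('output' => 'params missing'));
            }
            break;
        /* End Usermeta */
        case 'repetitive_add':
            if (current_user_can('edit_posts') && isset($_GET['field_id'])) {
                require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields.php';
                require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields-post.php';
                $field = wpcf_admin_fields_get_field(sanitize_text_field($_GET['field_id']));
                $parent_post_id = isset($_GET['post_id']) ? intval($_GET['post_id']) : 0;
                /*
                 * When post is new - post_id is 0
                 * We can safely set post_id to 1 cause
                 * values compared are filtered anyway.
                 */
                if ($parent_post_id == 0) {
                    $parent_post_id = 1;
                }
                $parent_post = get_post($parent_post_id);
                $wpcf->repeater->set($parent_post, $field);
                /*
                 * Force empty values!
                 */
                $wpcf->repeater->cf['value'] = null;
                $wpcf->repeater->meta = null;
                $form = $wpcf->repeater->get_field_form(null, true);
                echo json_encode(array('output' => wpcf_form_simple($form) . wpcf_form_render_js_validation('#post', false)));
            } else {
                echo json_encode(array('output' => 'params missing'));
            }
            break;
        case 'repetitive_delete':
            if (current_user_can('edit_posts') && isset($_POST['post_id']) && isset($_POST['field_id'])) {
                require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields.php';
                $post_id = intval($_POST['post_id']);
                $parent_post = get_post($post_id);
                $field = wpcf_admin_fields_get_field(sanitize_text_field($_POST['field_id']));
                $meta_id = isset($_POST['meta_id']) ? intval($_POST['meta_id']) : 0;
                if (!empty($field) && !empty($parent_post->ID) && !empty($meta_id)) {
                    /*
                     * Changed.
                     * Since Types 1.2
                     */
                    // NOTE(review): only 'edit_posts' is required, not the right to edit
                    // $post_id. Confirm delete() ties $meta_id to this post.
                    $wpcf->repeater->set($parent_post, $field);
                    $wpcf->repeater->delete($meta_id);
                    echo json_encode(array('output' => 'deleted'));
                } else {
                    echo json_encode(array('output' => 'field or post not found'));
                }
            } else {
                echo json_encode(array('output' => 'params missing'));
            }
            break;
        case 'wpcf_entry_search':
            if (current_user_can('edit_posts') && isset($_REQUEST['post_type'])) {
                // Request values are sanitized like every other string parameter in this
                // dispatcher before they become query arguments.
                if (is_array($_REQUEST['post_type'])) {
                    $search_post_type = array_map('sanitize_text_field', $_REQUEST['post_type']);
                } else {
                    $search_post_type = sanitize_text_field($_REQUEST['post_type']);
                }
                $posts_per_page = apply_filters('wpcf_pr_belongs_post_numberposts', 10);
                // NOTE(review): the default statuses include 'private' and filters are
                // suppressed, so titles of private posts are listed to any user with
                // 'edit_posts'. Confirm that is intended.
                $args = array('posts_per_page' => apply_filters('wpcf_pr_belongs_post_posts_per_page', $posts_per_page), 'post_status' => apply_filters('wpcf_pr_belongs_post_status', array('publish', 'private')), 'post_type' => $search_post_type, 'suppress_filters' => 1);
                if (isset($_REQUEST['s'])) {
                    $args['s'] = sanitize_text_field($_REQUEST['s']);
                }
                if (isset($_REQUEST['page']) && is_string($_REQUEST['page']) && preg_match('/^\\d+$/', $_REQUEST['page'])) {
                    $args['paged'] = intval($_REQUEST['page']);
                }
                $the_query = new WP_Query($args);
                $posts = array('items' => array(), 'total_count' => $the_query->found_posts, 'incomplete_results' => $the_query->found_posts > $posts_per_page, 'posts_per_page' => $posts_per_page);
                while ($the_query->have_posts()) {
                    $the_query->the_post();
                    $post_title = get_the_title();
                    if (empty($post_title)) {
                        $post_title = sprintf(__('[empty title] ID: %d', 'wpcf'), get_the_ID());
                    }
                    $posts['items'][] = array('ID' => get_the_ID(), 'post_title' => $post_title);
                }
                /* Restore original Post Data */
                wp_reset_postdata();
                echo json_encode($posts);
            } else {
                echo json_encode(array('output' => 'params missing'));
            }
            break;
        case 'wpcf_entry_entry':
            if (current_user_can('edit_posts') && isset($_REQUEST['p'])) {
                // Only a scalar id is meaningful; anything else resolves to no post.
                $requested_id = is_scalar($_REQUEST['p']) ? intval($_REQUEST['p']) : 0;
                // NOTE(review): the title is returned for any post id regardless of its
                // status or owner. A per-post read check may be needed here.
                $wpcf_post = $requested_id > 0 ? get_post($requested_id, ARRAY_A) : null;
                if (isset($wpcf_post['ID'])) {
                    $post_title = $wpcf_post['post_title'];
                    if (empty($post_title)) {
                        $post_title = sprintf(__('[empty title] ID: %d', 'wpcf'), $wpcf_post['ID']);
                    }
                    // Return the computed title so the empty-title placeholder is actually used.
                    echo json_encode(array('ID' => $wpcf_post['ID'], 'post_title' => $post_title));
                } else {
                    echo json_encode(array('output' => 'params missing'));
                }
            } else {
                echo json_encode(array('output' => 'params missing'));
            }
            break;
        default:
            break;
    }
    if (function_exists('wpcf_ajax')) {
        wpcf_ajax();
    }
    die;
}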
Esempio n. 6
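 /**
  * AJAX handler: remove a custom capability from the Access roles.
  *
  * Requires the 'manage_options' capability and a valid
  * 'wpcf-access-error-pages' nonce in $_POST['wpnonce'].
  *
  * When `remove` is 0 and a role other than `edit_role` still holds the
  * capability, a confirmation fragment (HTML) is echoed instead of deleting.
  * Otherwise the capability is removed from every Access role and from the
  * 'wpcf_access_custom_caps' option, and `1` is echoed.
  *
  * NOTE(review): the nonce action is named after the error-pages feature, so
  * the same nonce appears to authorize capability deletion. Confirm that a
  * dedicated action is not expected here.
  */
 public static function wpcf_delete_cap()
 {
     if (!current_user_can('manage_options')) {
         _e('There are security problems. You do not have permissions.', 'wpcf-access');
         die;
     }
     if (!isset($_POST['wpnonce']) || !wp_verify_nonce($_POST['wpnonce'], 'wpcf-access-error-pages')) {
         die('verification failed');
     }
     $custom_caps = get_option('wpcf_access_custom_caps');
     if (!is_array($custom_caps)) {
         $custom_caps = array();
     }
     $edit_role = isset($_POST['edit_role']) ? sanitize_text_field($_POST['edit_role']) : '';
     $cap = isset($_POST['cap_name']) ? sanitize_text_field($_POST['cap_name']) : '';
     $remove_div = isset($_POST['remove_div']) ? sanitize_text_field($_POST['remove_div']) : '';
     // Compare as an integer: a missing or non-numeric flag then means "ask first"
     // on every PHP version instead of depending on loose string/number comparison.
     $remove = isset($_POST['remove']) ? intval($_POST['remove']) : 0;
     $model = TAccess_Loader::get('MODEL/Access');
     $access_roles = $model->getAccessRoles();
     if (!is_array($access_roles)) {
         $access_roles = array();
     }
     // Collect into an array; appending with [] to a string is a fatal error on current PHP.
     $other_roles = array();
     if ($remove === 0) {
         foreach ($access_roles as $role => $role_info) {
             if (isset($role_info['caps'][$cap]) && $role != $edit_role) {
                 $other_roles[] = $role;
             }
         }
     }
     if ($remove === 0 && !empty($other_roles)) {
         // sanitize_text_field() does not escape quotes, so escape for the HTML
         // context at the point of output.
         $cap_attr = esc_attr($cap);
         $output = '<div class="js-wpcf-removediv js-removediv_' . $cap_attr . '">' . '<p>' . __('The following role(s) have this capability:', 'wpcf-access') . '</p>' . esc_html(implode(", ", $other_roles));
         $output .= '<p><button class="js-wpcf-remove-cap-cancel button" data-cap="' . $cap_attr . '">' . __('Cancel', 'wpcf-access') . '</button> ' . '<button class="js-wpcf-remove-cap-anyway button-primary button" data-remove="1" data-object="' . esc_attr($remove_div) . '" data-cap="' . $cap_attr . '">' . __('Delete anyway', 'wpcf-access') . '</button> ' . '<span class="ajax-loading spinner"></span>' . '</p></div>';
     } else {
         // Either deletion was confirmed or no other role uses the capability.
         foreach ($access_roles as $role => $role_info) {
             if (isset($role_info['caps'][$cap])) {
                 unset($access_roles[$role]['caps'][$cap]);
             }
         }
         $model->updateAccessRoles($access_roles);
         unset($custom_caps[$cap]);
         update_option('wpcf_access_custom_caps', $custom_caps);
         $output = 1;
     }
     echo $output;
     die;
 }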
Esempio n. 7
/**
 * Export Access data as an XML string.
 *
 * Loads the XML processor class and delegates to
 * Access_XML_Processor::exportToXMLString(). This function performs no
 * permission or nonce check of its own, so callers are responsible for
 * authorizing the export.
 *
 * @param mixed $what Passed through unchanged to exportToXMLString().
 * @return mixed Whatever exportToXMLString() returns.
 */
function taccess_export($what)
{
    // The processor class must be loaded before its static method is called.
    TAccess_Loader::load('CLASS/XML_Processor');

    return Access_XML_Processor::exportToXMLString($what);
}
Esempio n. 8
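 /**
  * Merge imported Access settings into the stored settings.
  *
  * Imported data is treated as untrusted: every section is checked to be an
  * array before it is merged, and malformed role entries are skipped and
  * counted as failed. This method performs no permission check; the caller
  * must have authorized the import.
  *
  * Recognised options (only their presence is tested):
  *  - 'access-overwrite-existing-settings'  replace settings that already exist
  *  - 'access-remove-not-included-settings' drop settings missing from the import
  *
  * @param array $data    Imported settings; sections read are 'types',
  *                       'taxonomies', 'third_party', 'access_custom_caps'
  *                       and 'access_custom_roles'.
  * @param array $options Import options, see above.
  * @return array Counters 'new', 'updated', 'deleted', 'failed' plus an 'errors' list.
  */
 private static function importSettings($data, $options = array())
 {
     $model = TAccess_Loader::get('MODEL/Access');
     $results = array('new' => 0, 'updated' => 0, 'deleted' => 0, 'failed' => 0, 'errors' => array());
     if (!is_array($data)) {
         $data = array();
     }
     $overwrite = isset($options['access-overwrite-existing-settings']);
     $remove_missing = isset($options['access-remove-not-included-settings']);
     // A section only counts as present when it is an array; the array functions
     // below would fail on a scalar coming from a malformed import file.
     $dataTypes = isset($data['types']) && is_array($data['types']);
     $dataTax = isset($data['taxonomies']) && is_array($data['taxonomies']);
     $data3 = isset($data['third_party']) && is_array($data['third_party']);
     $custom_caps = isset($data['access_custom_caps']) && is_array($data['access_custom_caps']);
     $custom_roles = isset($data['access_custom_roles']) && is_array($data['access_custom_roles']);
     $diff = array();
     $intersect = array();
     $access_settings = array('types' => $model->getAccessTypes(), 'taxonomies' => $model->getAccessTaxonomies(), 'third_party' => $model->getAccessThirdParty());
     foreach ($access_settings as $section => $stored) {
         if (!is_array($stored)) {
             $access_settings[$section] = array();
         }
     }
     if ($dataTypes) {
         $diff['types'] = array_diff_key($data['types'], $access_settings['types']);
         $intersect['types'] = array_intersect_key($data['types'], $access_settings['types']);
     }
     if ($dataTax) {
         $diff['taxonomies'] = array_diff_key($data['taxonomies'], $access_settings['taxonomies']);
         $intersect['taxonomies'] = array_intersect_key($data['taxonomies'], $access_settings['taxonomies']);
     }
     // apply filters for custom 3rd-party capabilities
     if ($data3) {
         $diff['third_party'] = array();
         $intersect['third_party'] = array();
         foreach ($data['third_party'] as $area => $adata) {
             $area_caps = apply_filters('access_import_custom_capabilities_' . $area, $adata, $area);
             if (!is_array($area_caps)) {
                 // Keep the area known to the import, but contribute nothing from it.
                 $area_caps = array();
                 $results['failed'] += 1;
             }
             $data['third_party'][$area] = $area_caps;
             if (isset($access_settings['third_party'][$area]) && is_array($access_settings['third_party'][$area])) {
                 $diff['third_party'][$area] = array_diff_key($area_caps, $access_settings['third_party'][$area]);
                 $intersect['third_party'][$area] = array_intersect_key($area_caps, $access_settings['third_party'][$area]);
             } else {
                 $diff['third_party'][$area] = $area_caps;
                 $intersect['third_party'][$area] = array();
             }
         }
     }
     // import / merge extra settings
     // Types
     if ($dataTypes) {
         $access_settings['types'] = array_merge($access_settings['types'], $diff['types']);
         $results['new'] += count($diff['types']);
     }
     // Taxonomies
     if ($dataTax) {
         $access_settings['taxonomies'] = array_merge($access_settings['taxonomies'], $diff['taxonomies']);
         $results['new'] += count($diff['taxonomies']);
     }
     // Custom caps
     if ($custom_caps) {
         $existing_custom_caps = get_option('wpcf_access_custom_caps');
         if (empty($existing_custom_caps) || !is_array($existing_custom_caps)) {
             $existing_custom_caps = array();
         }
         // NOTE(review): with "overwrite" set, existing entries win on key collisions
         // (they are merged last); without it, the imported list replaces the stored
         // one entirely. That reads as the reverse of what the option name suggests;
         // confirm the intent before changing it.
         if ($overwrite) {
             $new_custom_caps = array_merge($data['access_custom_caps'], $existing_custom_caps);
         } else {
             $new_custom_caps = $data['access_custom_caps'];
         }
         update_option('wpcf_access_custom_caps', $new_custom_caps);
     }
     // Custom roles
     if ($custom_roles) {
         $access_roles = $model->getAccessRoles();
         if (!is_array($access_roles)) {
             $access_roles = array();
         }
         $roles_changed = false;
         // NOTE(review): role names and capability lists come straight from the import
         // file. With "overwrite" set, any named role is removed and re-created,
         // built-in roles included, so an import can change who holds which capability.
         // Restrict imports to trusted files and consider refusing built-in role names.
         foreach ($data['access_custom_roles'] as $role => $role_info) {
             $has_label = is_array($role_info) && (isset($role_info['title']) || isset($role_info['name']));
             if (!$has_label || !isset($role_info['capabilities']) || !is_array($role_info['capabilities'])) {
                 // Validate before remove_role() so a malformed entry cannot delete
                 // a role that then fails to be re-created.
                 $results['failed'] += 1;
                 continue;
             }
             if ($overwrite) {
                 remove_role($role);
             }
             $role_name = isset($role_info['title']) ? $role_info['title'] : $role_info['name'];
             $capabilities = $role_info['capabilities'];
             $success = add_role($role, $role_name, $capabilities);
             if (!is_null($success)) {
                 $access_roles[$role] = array('name' => $role_name, 'caps' => $capabilities);
                 $roles_changed = true;
             }
         }
         // One write after the loop stores the same final state as writing per role.
         if ($roles_changed) {
             $model->updateAccessRoles($access_roles);
         }
     }
     // Third-Party
     if ($data3) {
         foreach ($diff['third_party'] as $area => $adata) {
             if (isset($access_settings['third_party'][$area]) && is_array($access_settings['third_party'][$area])) {
                 $access_settings['third_party'][$area] = array_merge($access_settings['third_party'][$area], $adata);
             } else {
                 $access_settings['third_party'][$area] = $adata;
             }
             $results['new'] += count($adata);
         }
     }
     // overwrite existing settings
     if ($overwrite) {
         if ($dataTypes) {
             $access_settings['types'] = array_merge($access_settings['types'], $intersect['types']);
             $results['updated'] += count($intersect['types']);
         }
         if ($dataTax) {
             $access_settings['taxonomies'] = array_merge($access_settings['taxonomies'], $intersect['taxonomies']);
             $results['updated'] += count($intersect['taxonomies']);
         }
         if ($data3) {
             foreach ($access_settings['third_party'] as $area => $adata) {
                 if (isset($intersect['third_party'][$area]) && is_array($adata)) {
                     $access_settings['third_party'][$area] = array_merge($adata, $intersect['third_party'][$area]);
                     $results['updated'] += count($intersect['third_party'][$area]);
                 }
             }
         }
     }
     // remove not imported settings
     if ($remove_missing) {
         if ($dataTypes) {
             $tmp = count($access_settings['types']);
             $access_settings['types'] = array_intersect_key($access_settings['types'], $data['types']);
             $results['deleted'] += $tmp - count($access_settings['types']);
         }
         if ($dataTax) {
             $tmp = count($access_settings['taxonomies']);
             $access_settings['taxonomies'] = array_intersect_key($access_settings['taxonomies'], $data['taxonomies']);
             $results['deleted'] += $tmp - count($access_settings['taxonomies']);
         }
         if ($data3) {
             // Third-party settings are dropped per area and counted once per area.
             foreach ($access_settings['third_party'] as $area => $adata) {
                 if (!isset($data['third_party'][$area])) {
                     $results['deleted'] += 1;
                     unset($access_settings['third_party'][$area]);
                 }
             }
         }
     }
     // update settings
     $model->updateAccessTypes($access_settings['types']);
     $model->updateAccessTaxonomies($access_settings['taxonomies']);
     $model->updateAccessThirdParty($access_settings['third_party']);
     return $results;
 }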
Esempio n. 9
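 /**
  * Stream a full Access settings export when the export form was submitted.
  *
  * The export covers every Access setting ('all'), so the request must come
  * from a user with 'manage_options' and carry a valid 'access-export-form'
  * nonce. A nonce only ties the request to a page issued to this user; the
  * capability check is what actually authorizes the export.
  *
  * @param mixed $action Supplied by the hook; not used here.
  */
 public static function import_export_hook($action)
 {
     // Both the submit marker and the nonce field must be present.
     if (!isset($_POST['access-export'], $_POST['access-export-form'])) {
         return;
     }
     // Same capability the other Access administration handlers require.
     if (!current_user_can('manage_options')) {
         return;
     }
     if (!wp_verify_nonce($_POST['access-export-form'], 'access-export-form')) {
         return;
     }
     TAccess_Loader::load('CLASS/XML_Processor');
     Access_XML_Processor::exportToXML('all');
 }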