public static function tally_term_counts(&$terms, $taxonomy, $args = array()) { global $wpdb, $pp_current_user; if (!$terms) { return; } $defaults = array('pad_counts' => true, 'post_type' => '', 'required_operation' => ''); $args = array_merge($defaults, (array) $args); extract($args); $term_items = array(); if ($terms) { if (!is_object(reset($terms))) { return $terms; } foreach ((array) $terms as $key => $term) { $terms_by_id[$term->term_id] =& $terms[$key]; $term_ids[$term->term_taxonomy_id] = $term->term_id; } } // Get the object and term ids and stick them in a lookup table $tax_obj = get_taxonomy($taxonomy); $object_types = $post_type ? (array) $post_type : (array) esc_sql($tax_obj->object_type); if (pp_unfiltered()) { $stati = get_post_stati(array('public' => true, 'private' => true), 'names', 'or'); $type_status_clause = "AND post_type IN ('" . implode("', '", $object_types) . "') AND post_status IN ('" . implode("', '", $stati) . "')"; } else { global $query_interceptor; $type_status_clause = $query_interceptor->get_posts_where(array('post_types' => $object_types, 'required_operation' => $required_operation)); // need to apply term restrictions in case post is restricted by another taxonomy } if (!$required_operation) { $required_operation = pp_is_front() && !is_preview() ? 'read' : 'edit'; } $results = $wpdb->get_results("SELECT object_id, term_taxonomy_id FROM {$wpdb->term_relationships} INNER JOIN {$wpdb->posts} ON object_id = ID WHERE term_taxonomy_id IN ('" . implode("','", array_keys($term_ids)) . "') {$type_status_clause}"); foreach ($results as $row) { $id = $term_ids[$row->term_taxonomy_id]; $term_items[$id][$row->object_id] = isset($term_items[$id][$row->object_id]) ? ++$term_items[$id][$row->object_id] : 1; } // Touch every ancestor's lookup row for each post in each term foreach ($term_ids as $term_id) { $child = $term_id; while (!empty($terms_by_id[$child]) && ($parent = $terms_by_id[$child]->parent)) { if (!empty($term_items[$term_id])) { foreach ($term_items[$term_id] as $item_id => $touches) { $term_items[$parent][$item_id] = isset($term_items[$parent][$item_id]) ? ++$term_items[$parent][$item_id] : 1; } } $child = $parent; } } foreach (array_keys($terms_by_id) as $key) { $terms_by_id[$key]->count = 0; } // Transfer the touched cells foreach ((array) $term_items as $id => $items) { if (isset($terms_by_id[$id])) { $terms_by_id[$id]->count = count($items); } } }
function __construct() { add_filter('get_terms_args', array(&$this, 'flt_get_terms_args'), 50, 2); add_filter('terms_clauses', array(&$this, 'flt_terms_clauses'), 50, 3); if (pp_is_front() && !pp_unfiltered()) { add_filter('get_the_terms', array(&$this, 'flt_get_the_terms'), 10, 3); } }
public static function flt_posts_request($request, $args = array()) { if (pp_unfiltered()) { return $request; } $defaults = array('post_types' => array(), 'source_alias' => '', 'only_append_where' => ''); $args = array_merge($defaults, $args); extract($args, EXTR_SKIP); global $wpdb, $query_interceptor; if (apply_filters('pp_posts_request_bypass', false, $request, $args)) { return $request; } //d_echo( "<br />flt_objects_request: $request<br />" ); if (!preg_match('/\\s*WHERE\\s*1=1/', $request)) { $request = preg_replace('/\\s*WHERE\\s*/', ' WHERE 1=1 AND ', $request); } $clauses = array(); $pos_where = 0; $pos_suffix = 0; $clauses['where'] = agp_parse_after_WHERE_11($request, $pos_where, $pos_suffix); // NOTE: any existing where, orderby or group by clauses remain in $where if (!$pos_where && $pos_suffix) { $request = substr($request, 0, $pos_suffix) . ' WHERE 1=1' . substr($request, $pos_suffix); $pos_where = $pos_suffix; } if (!$only_append_where) { if (!isset($args['source_alias'])) { // If the query uses an alias for the posts table, be sure to use that alias in the WHERE clause also. // // NOTE: if query refers to non-active site, this code will prevent a DB syntax error, but will not cause the correct roles / statuses to be applied. // Other plugins need to use switch_to_blog() rather than just executing a query on a non-main site. $matches = array(); if ($return = preg_match('/SELECT .* FROM [^ ]+posts AS ([^ ]) .*/', $request, $matches)) { $args['source_alias'] = $matches[2]; } elseif ($return = preg_match('/SELECT .* FROM ([^ ]+)posts .*/', $request, $matches)) { $args['source_alias'] = $matches[1] . 'posts'; } } if (false !== strpos($request, ' COUNT( * ) AS num_posts')) { $args['include_trash'] = true; } // attachment filtering is applied here $clauses['where'] = apply_filters('pp_posts_clauses_where', $query_interceptor->flt_posts_where($clauses['where'], $args), $clauses, $args); } //dump($clauses); if ($pos_where === false) { $request .= " WHERE 1=1 {$only_append_where} " . $clauses['where']; } else { $request = substr($request, 0, $pos_where) . " WHERE 1=1 {$only_append_where} " . $clauses['where']; } // any pre-exising join clauses remain in $request //d_echo( "<br /><br />filtered: $request<br /><br />" ); return $request; }
function load_user_config() { // ===== Query Filters to limit/enable the current user if ($this->filtering_enabled) { global $pagenow; $is_unfiltered = pp_unfiltered(); $is_administrator = pp_is_content_administrator(); // even users who are unfiltered in terms of their own access will normally have some of these filters applied to force inclusion of readable private posts in get_pages() listing, post counts, etc. if ($is_front = pp_is_front()) { $front_filtering = !$is_unfiltered || !defined('PP_ALLOW_UNFILTERED_FRONT'); } // (also use content filters on front end to FILTER IN private content which WP inappropriately hides from administrators) if ($is_front && $front_filtering || (!$is_unfiltered || 'nav-menus.php' == $pagenow)) { global $query_interceptor; if (!isset($query_interceptor)) { // since this could possibly fire on multiple 'set_current_user' calls, avoid redundancy require_once dirname(__FILE__) . '/query-interceptor_pp.php'; $query_interceptor = new PP_QueryInterceptor(array('direct_file_access' => $this->direct_file_access)); } } if ($is_front && $front_filtering) { global $pp_qry_int_front; require_once dirname(__FILE__) . '/query-interceptor-front_pp.php'; $pp_qry_int_front = new PP_QueryInterceptorFront(); require_once dirname(__FILE__) . '/front_pp.php'; if ($is_unfiltered && $is_administrator) { require_once dirname(__FILE__) . '/comments-int-administrator_pp.php'; } } if (!$is_unfiltered) { global $cap_interceptor; if (!isset($cap_interceptor)) { require_once dirname(__FILE__) . '/cap-interceptor_pp.php'; $cap_interceptor = new PP_CapInterceptor(); } require_once dirname(__FILE__) . '/comments-interceptor_pp.php'; } if ($is_front && $front_filtering || !$is_unfiltered && (!defined('DOING_AUTOSAVE') || !DOING_AUTOSAVE)) { pp_init_terms_interceptor(); } elseif (is_admin() && $is_unfiltered) { require_once dirname(__FILE__) . '/admin/terms-interceptor-administrator_pp.php'; // for filtering of post count } // ported or low-level query filters to work around limitations in WP core API if (!$this->direct_file_access && (!$is_front || $front_filtering) && (!defined('XMLRPC_REQUEST') || !$is_administrator)) { // don't add for direct file access or administrator XML-RPC //add_filter( 'query', array( &$this, 'get_pages_query_watch' ), 50, 1 ); add_filter('get_pages', array(&$this, 'flt_get_pages'), 1, 2); } } }
function force_autosave_before_upload() { // under some configuration, it is necessary to pre-assign categories. Autosave accomplishes this by triggering save_post action handlers. if (!pp_unfiltered()) { ?> <script type="text/javascript"> /* <![CDATA[ */ jQuery(document).ready( function($) { $( '#wp-content-media-buttons a').click( function() { if ( $('#post-status-info span.autosave-message').html() == ' ' ) { autosave(); } }); }); /* ]]> */ </script> <?php } }
function flt_do_posts_request($request, $args = array()) { if (pp_unfiltered()) { return $request; } require_once dirname(__FILE__) . '/query-interceptor-extra_pp.php'; return PP_QueryInterceptorExtra::flt_posts_request($request, $args); }