function get_posts_where($args) { $defaults = array('post_types' => array(), 'source_alias' => false, 'src_table' => '', 'apply_term_restrictions' => true, 'include_trash' => 0, 'required_operation' => '', 'limit_statuses' => false, 'skip_teaser' => false, 'query_contexts' => array(), 'force_types' => false); $args = array_merge($defaults, (array) $args); extract($args, EXTR_SKIP); //d_echo ("<br /><strong>get_posts_where:</strong> <br />"); global $wpdb; if (!$src_table) { $src_table = $source_alias ? $source_alias : $wpdb->posts; $args['src_table'] = $src_table; } if (!$force_types) { $post_types = array_intersect((array) $post_types, pp_get_enabled_post_types()); } $tease_otypes = array_intersect($post_types, $this->_get_teaser_post_types($post_types, $args)); if (!$required_operation) { $required_operation = pp_is_front() && !is_preview() ? 'read' : 'edit'; $args['required_operation'] = $required_operation; } if ($query_contexts) { $query_contexts = (array) $query_contexts; } $meta_cap = "{$required_operation}_post"; if ('read' == $required_operation) { $use_statuses = array_merge(pp_get_post_stati(array('public' => true, 'post_type' => $post_types), 'object'), pp_get_post_stati(array('private' => true, 'post_type' => $post_types), 'object')); foreach ($use_statuses as $key => $obj) { if (!empty($obj->exclude_from_search)) { // example usage is bbPress hidden status unset($use_statuses[$key]); } } } else { $use_statuses = pp_get_post_stati(array('internal' => false, 'post_type' => $post_types), 'object'); } if (in_array('attachment', $post_types)) { $use_statuses['inherit'] = (object) array(); } if (is_array($limit_statuses)) { $use_statuses = array_intersect_key($use_statuses, $limit_statuses); } if (empty($skip_teaser) && !array_diff($post_types, $tease_otypes)) { // All object types potentially returned by this query will have a teaser filter applied to results, so we don't need to use further query filtering $status_clause = "AND {$src_table}.post_status IN ('" . implode("','", array_keys($use_statuses)) . "')"; return $status_clause; } if (!is_bool($include_trash)) { if (!empty($_REQUEST['post_status']) && 'trash' == $_REQUEST['post_status']) { $include_trash = true; } } $where_arr = array(); global $pp_current_user; global $pp_meta_caps; $flag_meta_caps = !empty($pp_meta_caps); foreach ($post_types as $post_type) { if (in_array($post_type, $tease_otypes) && empty($skip_teaser)) { $where_arr[$post_type] = "{$src_table}.post_type = '{$post_type}' AND 1=1"; } else { $have_site_caps = array(); $type_obj = get_post_type_object($post_type); foreach (array_keys($use_statuses) as $status) { if ('private' == $status) { $cap_property = "{$required_operation}_private_posts"; if (empty($type_obj->cap->{$cap_property})) { continue; } } if ($flag_meta_caps) { $pp_meta_caps->do_status_cap_map = true; } $reqd_caps = pp_map_meta_cap($meta_cap, $pp_current_user->ID, 0, compact('post_type', 'status', 'query_contexts')); if ($flag_meta_caps) { $pp_meta_caps->do_status_cap_map = false; } if ($reqd_caps) { // note: this function is called only for listing query filters (not for user_has_cap filter) if ($missing_caps = apply_filters('pp_query_missing_caps', array_diff($reqd_caps, array_keys($pp_current_user->allcaps)), $reqd_caps, $post_type, $meta_cap)) { $owner_reqd_caps = $this->get_base_caps($reqd_caps, $post_type); // remove "others" and "private" cap requirements for post author if ($owner_reqd_caps != $reqd_caps && $pp_current_user->ID) { // && ! $omit_owner_clause if (!array_diff($owner_reqd_caps, array_keys($pp_current_user->allcaps))) { $have_site_caps['owner'][] = $status; } } } else { $have_site_caps['user'][] = $status; } } } $have_site_caps = apply_filters('pp_have_site_caps', $have_site_caps, $post_type, $args); if ($include_trash) { if ($type_obj = get_post_type_object($post_type)) { if ('edit_post' == $meta_cap && !empty($pp_current_user->allcaps[$type_obj->cap->edit_posts]) || 'delete_post' == $meta_cap && !empty($pp_current_user->allcaps[$type_obj->cap->delete_posts])) { if (!isset($type_obj->cap->delete_others_posts) || !empty($pp_current_user->allcaps[$type_obj->cap->delete_others_posts])) { $have_site_caps['user'][] = 'trash'; } else { $have_site_caps['owner'][] = 'trash'; } } } } $where_arr[$post_type] = array(); if (!empty($have_site_caps['user'])) { $where_arr[$post_type]['user'] = "******" . implode("','", array_unique($have_site_caps['user'])) . "')"; } //dump($have_site_caps); if (!empty($have_site_caps['owner'])) { $parent_clause = ''; // PPCE may be set to "ID IN (...) OR " to enable post revisors to edit their own pending revisions $args['post_type'] = $post_type; $_vars = apply_filters('pp_generate_where_clause_force_vars', null, 'post', $args); if (is_array($_vars)) { extract($_vars); // possible @todo: intersect keys as with pp_has_cap_force_vars } if (!empty($args['skip_stati_usage_clause']) && !$limit_statuses && !array_diff_key($use_statuses, array_flip($have_site_caps['owner']))) { $where_arr[$post_type]['owner'] = "{$parent_clause} ( {$src_table}.post_author = {$pp_current_user->ID} )"; } else { $where_arr[$post_type]['owner'] = "{$parent_clause} ( {$src_table}.post_author = {$pp_current_user->ID} ) AND {$src_table}.post_status IN ('" . implode("','", array_unique($have_site_caps['owner'])) . "')"; } } if (is_array($where_arr[$post_type])) { if ($where_arr[$post_type]) { $where_arr[$post_type] = pp_implode('OR', $where_arr[$post_type]); $where_arr[$post_type] = "1=1 AND ( " . $where_arr[$post_type] . " )"; } else { $where_arr[$post_type] = '1=2'; } } if ($modified = apply_filters('pp_adjust_posts_where_clause', false, $where_arr[$post_type], $post_type, $args)) { $where_arr[$post_type] = $modified; } if ('attachment' == $post_type) { if ('read' == $required_operation || apply_filters('pp_force_attachment_parent_clause', false, $args)) { //if ( ( 'read' == $required_operation ) || ( defined('DOING_AJAX') && DOING_AJAX && ( false != strpos( $_SERVER['REQUEST_URI'], 'async-upload.php' ) ) ) || apply_filters( 'pp_force_attachment_parent_clause', false, $args ) ) { $where_arr[$post_type] = "( " . $this->append_attachment_clause("{$src_table}.post_type = 'attachment'", array(), $args) . " )"; } } if ('delete' == $required_operation) { $const = "PP_EDIT_EXCEPTIONS_ALLOW_" . strtoupper($post_type) . "_DELETION"; if (defined('PP_EDIT_EXCEPTIONS_ALLOW_DELETION') || defined($const)) { $required_operation = 'edit'; } } $where_arr[$post_type] = PP_Exceptions::add_exception_clauses($where_arr[$post_type], $required_operation, $post_type, $args); } } // end foreach post_type if (!($pp_where = pp_implode('OR', $where_arr))) { $pp_where = '1=1'; } // term restrictions which apply to any post type if ($apply_term_restrictions) { if ($term_exc_where = PP_Exceptions::add_term_restrictions_clause($required_operation, '', $src_table, array('merge_universals' => true, 'merge_additions' => true, 'exempt_post_types' => $tease_otypes))) { $pp_where = "( {$pp_where} ) {$term_exc_where}"; } } if ($pp_where) { $pp_where = " AND ( {$pp_where} )"; } return $pp_where; }
public static function get_restriction_clause($operation, $post_type, $args = array()) { require_once PPC_ABSPATH . '/exceptions_pp.php'; return PP_Exceptions::get_exceptions_clause($operation, $post_type, $args); }