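/**
 * Determine whether the current user may view the admin page being requested.
 *
 * Order of checks: pages listed in the "nopriv" menu tables for the current
 * parent are denied outright; a hook-based plugin page must have been
 * registered (otherwise an arbitrary "page" argument is denied); with no
 * parent page the nopriv tables are scanned for the current file/page; and
 * finally the capability stored on the matching submenu or top-level menu
 * entry decides. Menu slugs are compared with === so PHP's numeric-string
 * juggling ("1e3" == "1000") cannot widen a match in this authorization path.
 *
 * @global string $pagenow            Current admin file name (e.g. "edit.php").
 * @global array  $menu               Registered top-level menu entries.
 * @global array  $submenu            Registered submenu entries keyed by parent slug.
 * @global array  $_wp_menu_nopriv    Top-level entries the current user lacks the capability for.
 * @global array  $_wp_submenu_nopriv Submenu entries the current user lacks the capability for.
 * @global string $plugin_page        Value of the "page" query argument, if any.
 * @global array  $_registered_pages  Hook names of pages registered via add_*_page().
 *
 * @return bool True if the user may access the page, false otherwise.
 */
function user_can_access_admin_page() {
    global $pagenow, $menu, $submenu, $_wp_menu_nopriv, $_wp_submenu_nopriv, $plugin_page, $_registered_pages;

    $parent = get_admin_page_parent();
    $has_plugin_page = isset($plugin_page);

    // A submenu file under this parent that the user cannot see.
    if (!$has_plugin_page && isset($_wp_submenu_nopriv[$parent][$pagenow])) {
        return false;
    }

    if ($has_plugin_page) {
        if (isset($_wp_submenu_nopriv[$parent][$plugin_page])) {
            return false;
        }
        // Hook-based pages must have been registered through add_*_page();
        // an unknown "page" argument is denied rather than passed through.
        $hookname = get_plugin_page_hookname($plugin_page, $parent);
        if (!isset($_registered_pages[$hookname])) {
            return false;
        }
    }

    if (empty($parent)) {
        if (isset($_wp_menu_nopriv[$pagenow]) || isset($_wp_submenu_nopriv[$pagenow][$pagenow])) {
            return false;
        }
        if ($has_plugin_page
            && (isset($_wp_submenu_nopriv[$pagenow][$plugin_page]) || isset($_wp_menu_nopriv[$plugin_page]))) {
            return false;
        }
        // No parent page: deny if any nopriv submenu table lists the current file or page.
        foreach (array_keys($_wp_submenu_nopriv) as $key) {
            if (isset($_wp_submenu_nopriv[$key][$pagenow])) {
                return false;
            }
            if ($has_plugin_page && isset($_wp_submenu_nopriv[$key][$plugin_page])) {
                return false;
            }
        }
        return true;
    }

    if ($has_plugin_page && $plugin_page === $parent && isset($_wp_menu_nopriv[$plugin_page])) {
        return false;
    }

    // The capability of the first submenu entry whose slug matches the page or file decides.
    if (isset($submenu[$parent])) {
        foreach ($submenu[$parent] as $submenu_array) {
            if ($has_plugin_page && $submenu_array[2] === $plugin_page) {
                return current_user_can($submenu_array[1]);
            }
            if ($submenu_array[2] === $pagenow) {
                return current_user_can($submenu_array[1]);
            }
        }
    }

    // Fall back to the capability on the parent's top-level menu entry.
    foreach ($menu as $menu_array) {
        if ($menu_array[2] === $parent) {
            return current_user_can($menu_array[1]);
        }
    }

    return true;
}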
/**
 * Determine which menu item matches the currently open admin page.
 *
 * Compares the current request URL against every URL in the reverse item
 * lookup table and picks the entry whose scheme, host, port, user, pass and
 * path (or alternative path) match and whose query parameters are all present
 * in the current URL, preferring the candidate with the fewest surplus
 * current-URL parameters. The result is cached for the rest of the request.
 *
 * @uses self::$reverse_item_lookup
 * @return array|null Menu item in the internal format, or NULL if no matching item can be found.
 */
private function get_current_menu_item() {
    if (!is_admin() || empty($this->reverse_item_lookup)) {
        if (!is_admin()) {
            $this->log_security_note('This is not an admin page. is_admin() returns false.');
        } else {
            if (empty($this->reverse_item_lookup)) {
                $this->log_security_note('Warning: reverse_item_lookup is empty!');
            }
        }
        return null;
    }

    //The current menu item doesn't change during a request, so we can cache it
    //and avoid searching the entire menu every time.
    //Note: a function-level static is shared across all instances of the class for the
    //lifetime of the process, and a "no match" (null) result is never cached, so the
    //full scan below repeats on every call in that case.
    static $cached_item = null;
    if ($cached_item !== null) {
        return $cached_item;
    }

    //Find an item where *all* query params match the current ones, with as few extraneous params as possible,
    //preferring sub-menu items. This is intentionally more strict than what we do in menu-highlight-fix.js,
    //since this function is used to check menu access.
    //TODO: Use get_current_screen() to determine the current post type and taxonomy.
    $best_item = null;
    $best_extra_params = PHP_INT_MAX;

    $base_site_url = get_site_url();
    if (preg_match('@(^\\w+://[^/]+)@', $base_site_url, $matches)) {
        //Extract scheme + hostname.
        $base_site_url = $matches[1];
    }

    //Calling admin_url() once and then manually appending each page's path is measurably faster than calling it
    //for each menu, but it means the "admin_url" filter is only called once. If there is a plugin that changes
    //the admin_url for some pages but not others, this could lead to bugs (no such plugins are known at this time).
    $base_admin_url = admin_url();
    $admin_url_is_filtered = has_filter('admin_url');

    //remove_query_arg() with no URL argument operates on the current request URI.
    $current_url = $base_site_url . remove_query_arg('___ame_dummy_param___');
    //htmlentities() only protects the log output; the raw value is what gets parsed below.
    $this->log_security_note(sprintf('Current URL: "%s"', htmlentities($current_url)));
    //Assumes $this->parse_url() returns an array with 'path', 'params' and the component keys used below.
    $current_url = $this->parse_url($current_url);

    //Hook-based submenu pages can be accessed via both "parent-page.php?page=foo" and "admin.php?page=foo".
    //WP has a private API function for determining the canonical parent page for the current request.
    if ($this->endsWith($current_url['path'], '/admin.php') && is_callable('get_admin_page_parent')) {
        $real_parent = get_admin_page_parent('admin.php');
        if (!empty($real_parent) && $real_parent !== 'admin.php') {
            $current_url['alt_path'] = str_replace('/admin.php', '/' . $real_parent, $current_url['path']);
        }
    }

    foreach ($this->reverse_item_lookup as $url => $item) {
        $item_url = $url;
        //Convert to absolute URL. Caution: directory traversal (../, etc) is not handled.
        if (strpos($item_url, '://') === false) {
            if (substr($item_url, 0, 1) == '/') {
                //Site-root-relative URL.
                $item_url = $base_site_url . $item_url;
            } else {
                //Admin-relative URL: go through admin_url() only when a filter is attached (see note above).
                if ($admin_url_is_filtered) {
                    $item_url = admin_url($item_url);
                } else {
                    $item_url = $base_admin_url . ltrim($item_url, '/');
                }
            }
        }
        $item_url = $this->parse_url($item_url);

        //Must match scheme, host, port, user, pass and path or alt_path.
        $components = array('scheme', 'host', 'port', 'user', 'pass');
        $is_close_match = $this->urlPathsMatch($current_url['path'], $item_url['path']);
        if (!$is_close_match && isset($current_url['alt_path'])) {
            $is_close_match = $this->urlPathsMatch($current_url['alt_path'], $item_url['path']);
            //Technically, we should also compare current[path] vs item[alt_path],
            //but generating the alt_path for each menu item would be complicated.
        }
        foreach ($components as $component) {
            //NOTE(review): loose == here; PHP juggling treats null, '' and 0 as equal, so this relies on
            //parse_url() normalising absent components the same way on both sides — confirm before tightening.
            $is_close_match = $is_close_match && $current_url[$component] == $item_url[$component];
            if (!$is_close_match) {
                break;
            }
        }

        //The current URL must match all query parameters of the item URL.
        $different_params = array_diff_assoc($item_url['params'], $current_url['params']);
        //The current URL must have as few extra parameters as possible.
        $extra_params = array_diff_assoc($current_url['params'], $item_url['params']);

        //Ties keep the earlier candidate (strict <), so lookup order matters.
        if ($is_close_match && count($different_params) == 0 && count($extra_params) < $best_extra_params) {
            $best_item = $item;
            $best_extra_params = count($extra_params);
        }
    }

    $cached_item = $best_item;
    return $best_item;
}
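/**
 * Build the action-hook name under which a plugin admin page is registered.
 *
 * The result has the form "<page_type>_page_<plugin_name>": the page type is
 * "toplevel" for a top-level menu page, the hook prefix recorded in
 * $admin_page_hooks for the (resolved) parent page, or "admin" when the
 * parent is not a registered menu page.
 *
 * @global array $admin_page_hooks Map of menu slug => hook prefix, filled by add_menu_page().
 *
 * @param string $plugin_page Slug (or file name) of the plugin page.
 * @param string $parent_page Slug of the parent menu page; empty or "admin.php" for top-level pages.
 * @return string Hook name such as "toplevel_page_my-plugin".
 */
function get_plugin_page_hookname($plugin_page, $parent_page) {
    global $admin_page_hooks;

    $parent = get_admin_page_parent();

    // Default to "admin" so an unregistered parent still yields a well-formed
    // hook name; previously $page_type could stay undefined in the top-level
    // branch, producing a "_page_..." name and an undefined-variable warning.
    $page_type = 'admin';

    if (empty($parent_page) || 'admin.php' === $parent_page) {
        if (isset($admin_page_hooks[$plugin_page])) {
            $page_type = 'toplevel';
        } elseif (isset($admin_page_hooks[$parent])) {
            $page_type = $admin_page_hooks[$parent];
        }
    } elseif (isset($admin_page_hooks[$parent_page])) {
        $page_type = $admin_page_hooks[$parent_page];
    }

    // Note: this strips every ".php" occurrence, not only a trailing extension.
    $plugin_name = preg_replace('!\\.php!', '', $plugin_page);

    return $page_type . '_page_' . $plugin_name;
}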
* * @since MU * * @param string $parent_file The parent file. */ $parent_file = apply_filters('parent_file', $parent_file); /** * Filter the file of an admin menu sub-menu item. * * @since 4.4.0 * * @param string $submenu_file The submenu file. * @param string $parent_file The submenu item's parent file. */ $submenu_file = apply_filters('submenu_file', $submenu_file, $parent_file); get_admin_page_parent(); /** * Display menu. * * @access private * @since 2.7.0 * * @global string $self * @global string $parent_file * @global string $submenu_file * @global string $plugin_page * @global string $typenow * * @param array $menu * @param array $submenu * @param bool $submenu_as_parent
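/**
 * Generates the Shopp admin menus.
 *
 * Registers the top-level "Shopp" and "Catalog" menus, inserts a separator
 * just ahead of them and adds each configured page as a submenu. When the
 * current request targets one of Shopp's non-toplevel pages, $plugin_page
 * is temporarily pointed at the parent so WordPress highlights the right
 * menu, and the real value is restored on the "adminmenu" action.
 *
 * @author Jonathan Davis
 * @since 1.1
 *
 * @global array  $menu        WordPress top-level admin menu.
 * @global string $plugin_page Slug of the admin page being requested.
 *
 * @return void
 **/
public function menus() {
    global $menu, $plugin_page;

    // NOTE(review): $access is computed but never used below; kept so the
    // Shopp::maintenance() call is unchanged — confirm whether it is still needed.
    $access = 'shopp_menu';
    if (Shopp::maintenance()) {
        $access = 'manage_options';
    }

    // Add main menus
    $position = shopp_admin_add_menu(Shopp::__('Shopp'), 'orders', 40, false, 'shopp_orders', Shopp::clearpng());
    shopp_admin_add_menu(Shopp::__('Catalog'), 'products', $position, false, 'shopp_products', Shopp::clearpng());

    // Add after the Shopp menus to avoid being purged by the duplicate separator check
    $menu[$position - 1] = array('', 'read', 'separator-shopp', '', 'wp-menu-separator');

    // Add menus to WordPress admin
    foreach ($this->pages as $page) {
        $this->submenus($page);
    }

    $parent = get_admin_page_parent();
    if (isset($this->menus[$parent]) && false === strpos($this->menus[$parent], 'toplevel')) {
        $current_page = $plugin_page;
        $plugin_page = $parent;
        // Restore the requested page slug once the menu has rendered. A closure
        // replaces create_function(): that built PHP source from the
        // request-derived $plugin_page value and evaluated it, and the function
        // no longer exists in PHP 8. The closure only copies the value.
        add_action('adminmenu', function () use ($current_page) {
            global $plugin_page;
            $plugin_page = $current_page;
        });
    }
}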
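/**
 * Determine whether the current user may view the admin page being requested.
 *
 * Order of checks: entries in the "nopriv" submenu table for the current
 * parent are denied; with no parent page the nopriv tables are scanned for
 * the current file/page; otherwise the capability stored on the matching
 * submenu or top-level menu entry decides. Menu slugs are compared with ===
 * so PHP's numeric-string juggling ("1e3" == "1000") cannot widen a match in
 * this authorization path.
 *
 * @global string $pagenow            Current admin file name (e.g. "edit.php").
 * @global array  $menu               Registered top-level menu entries.
 * @global array  $submenu            Registered submenu entries keyed by parent slug.
 * @global array  $_wp_menu_nopriv    Top-level entries the current user lacks the capability for.
 * @global array  $_wp_submenu_nopriv Submenu entries the current user lacks the capability for.
 * @global string $plugin_page        Value of the "page" query argument, if any.
 *
 * @return bool True if the user may access the page, false otherwise.
 */
function user_can_access_admin_page() {
    global $pagenow, $menu, $submenu, $_wp_menu_nopriv, $_wp_submenu_nopriv, $plugin_page;

    $parent = get_admin_page_parent();
    $has_plugin_page = isset($plugin_page);

    if (isset($_wp_submenu_nopriv[$parent][$pagenow])) {
        return false;
    }
    if ($has_plugin_page && isset($_wp_submenu_nopriv[$parent][$plugin_page])) {
        return false;
    }

    if (empty($parent)) {
        if (isset($_wp_menu_nopriv[$pagenow]) || isset($_wp_submenu_nopriv[$pagenow][$pagenow])) {
            return false;
        }
        if ($has_plugin_page && isset($_wp_submenu_nopriv[$pagenow][$plugin_page])) {
            return false;
        }
        // No parent page: deny if any nopriv submenu table lists the current file or page.
        foreach (array_keys($_wp_submenu_nopriv) as $key) {
            if (isset($_wp_submenu_nopriv[$key][$pagenow])) {
                return false;
            }
            if ($has_plugin_page && isset($_wp_submenu_nopriv[$key][$plugin_page])) {
                return false;
            }
        }
        return true;
    }

    // The capability of the first submenu entry whose slug matches the page or file decides.
    if (isset($submenu[$parent])) {
        foreach ($submenu[$parent] as $submenu_array) {
            if ($has_plugin_page && $submenu_array[2] === $plugin_page) {
                return current_user_can($submenu_array[1]);
            }
            if ($submenu_array[2] === $pagenow) {
                return current_user_can($submenu_array[1]);
            }
        }
    }

    // Fall back to the capability on the parent's top-level menu entry.
    foreach ($menu as $menu_array) {
        if ($menu_array[2] === $parent) {
            return current_user_can($menu_array[1]);
        }
    }

    return true;
}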
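/**
 * Load CSS and JS files in wp-admin area.
 *
 * Resolves which admin screen is being served from the $hook suffix and
 * enqueues the matching assets: the full builder on the Live Composer editing
 * screen (only for logged-in users holding DS_LIVE_COMPOSER_CAPABILITY), the
 * post-options framework on post edit screens, and the plugin-options
 * framework on the Live Composer settings pages.
 *
 * @since 1.1
 *
 * @param string $hook Hook suffix of the current admin page, as passed by "admin_enqueue_scripts".
 * @return void
 */
public static function dslc_load_scripts_admin($hook) {
    /* Check current screen id and set var accordingly */
    $current_screen = '';
    if ('post-new.php' === $hook || 'post.php' === $hook) {
        $current_screen = 'post-editing';
    }
    if (false !== strpos($hook, 'dslc_plugin_options')
        || false !== strpos($hook, 'dslc_getting_started')
        || 'dslc_plugin_options' === get_admin_page_parent()) {
        $current_screen = 'dslc-options';
    }
    if ('toplevel_page_livecomposer_editor' === $hook) {
        $current_screen = 'dslc-editing-screen';
    }

    /* Define some variables affecting further scripts loading */

    // Load minimized scripts and css resources.
    $min_suffix = '';
    if (!SCRIPT_DEBUG) {
        $min_suffix = '.min';
    }

    // What protocol to use.
    $protocol = 'http';
    if (is_ssl()) {
        $protocol = 'https';
    }

    /* If current screen is Live Composer editing screen */
    if ('dslc-editing-screen' === $current_screen && is_user_logged_in() && current_user_can(DS_LIVE_COMPOSER_CAPABILITY)) {
        /**
         * Live Composer Active
         */
        wp_enqueue_media();

        /**
         * CSS
         */
        wp_enqueue_style('dslc-builder-main-css', DS_LIVE_COMPOSER_URL . 'css/builder/builder.main.css', array(), DS_LIVE_COMPOSER_VER);
        wp_enqueue_style('dslc-builder-plugins-css', DS_LIVE_COMPOSER_URL . 'css/builder/builder.plugins.css', array(), DS_LIVE_COMPOSER_VER);
        wp_enqueue_style('dslc-font-awesome', DS_LIVE_COMPOSER_URL . 'css/font-awesome' . $min_suffix . '.css', array(), DS_LIVE_COMPOSER_VER);

        /**
         * JavaScript
         */
        wp_enqueue_script('jquery-ui-core');
        wp_enqueue_script('jquery-ui-sortable');
        wp_enqueue_script('jquery-ui-draggable');
        wp_enqueue_script('jquery-ui-droppable');
        wp_enqueue_script('jquery-effects-core');
        wp_enqueue_script('jquery-ui-resizable');
        wp_enqueue_script('wp-mediaelement');
        wp_enqueue_script('imagesloaded'); // Need this for Masonry.
        wp_enqueue_script('jquery-masonry');
        wp_enqueue_script('dslc-builder-plugins-js', DS_LIVE_COMPOSER_URL . 'js/builder/builder.plugins.js', array('jquery'), DS_LIVE_COMPOSER_VER);

        // Single minified bundle in production; individual files when SCRIPT_DEBUG is on.
        if (!SCRIPT_DEBUG) {
            wp_enqueue_script('dslc-builder-main-js', DS_LIVE_COMPOSER_URL . 'js/builder.all.min.js', array('jquery'), DS_LIVE_COMPOSER_VER);
        } else {
            self::load_scripts('builder', 'dslc-builder-main-js');
        }

        wp_localize_script('dslc-builder-main-js', 'DSLCAjax', array('ajaxurl' => admin_url('admin-ajax.php', $protocol)));

        $translation_array = array(
            'str_confirm' => __('Confirm', 'live-composer-page-builder'),
            'str_ok' => __('OK', 'live-composer-page-builder'),
            'str_import' => __('IMPORT', 'live-composer-page-builder'),
            'str_exit_title' => __('You are about to exit Live Composer', 'live-composer-page-builder'),
            'str_exit_descr' => __('If you have unsaved changed they will be lost.<br>If the "Publish Changes" button is shown in bottom right corner click it to save.', 'live-composer-page-builder'),
            'str_area_helper_text' => __('MODULES AREA', 'live-composer-page-builder'),
            'str_row_helper_text' => __('MODULES ROW', 'live-composer-page-builder'),
            'str_import_row_title' => __('Import Row', 'live-composer-page-builder'),
            'str_import_row_descr' => __('Copy the row export code bellow.', 'live-composer-page-builder'),
            'str_del_module_title' => __('Delete Module', 'live-composer-page-builder'),
            'str_del_module_descr' => __('Are you sure you want to delete this module?', 'live-composer-page-builder'),
            'str_del_area_title' => __('Delete Area/Column', 'live-composer-page-builder'),
            'str_del_area_descr' => __('Are you sure you want to delete this modules area?', 'live-composer-page-builder'),
            'str_del_row_title' => __('Delete Row', 'live-composer-page-builder'),
            'str_del_row_descr' => __('Are you sure you want to delete this row?', 'live-composer-page-builder'),
            'str_export_row_title' => __('Export Row', 'live-composer-page-builder'),
            'str_export_row_descr' => __('The code bellow is the importable code for this row.', 'live-composer-page-builder'),
            'str_module_curr_edit_title' => __('You are currently editing a module', 'live-composer-page-builder'),
            'str_module_curr_edit_descr' => __('You need to either <strong>confirm</strong> or <strong>cancel</strong> those changes before continuing.', 'live-composer-page-builder'),
            'str_row_curr_edit_title' => __('You are currently editing a modules row', 'live-composer-page-builder'),
            'str_row_curr_edit_descr' => __('You need to either <strong>confirm</strong> or <strong>cancel</strong> those changes before continuing.', 'live-composer-page-builder'),
            'str_refresh_title' => __('You are about to refresh the page', 'live-composer-page-builder'),
            'str_refresh_descr' => __('If you have unsaved changed they will be lost.<br>If the "Publish Changes" button is shown in bottom right corner click it to save.', 'live-composer-page-builder'),
            'str_res_tablet' => __('Tablet', 'live-composer-page-builder'),
            'str_res_phone' => __('Phone', 'live-composer-page-builder'),
        );

        // Allow devs to alter available fonts. The filtered list is what the
        // builder receives; previously the unfiltered self::$fonts_array was
        // localized and the filter result was discarded.
        $fonts_array = apply_filters('dslc_available_fonts', self::$fonts_array);

        wp_localize_script('dslc-builder-main-js', 'DSLCString', $translation_array);
        wp_localize_script('dslc-builder-main-js', 'DSLCFonts', $fonts_array);

        // Array of icons available to be used.
        global $dslc_var_icons;
        wp_localize_script('dslc-builder-main-js', 'DSLCIcons', $dslc_var_icons);
    }

    /* If current screen is standard post editing screen in WP Admin */
    if ('post-editing' === $current_screen) {
        wp_enqueue_script('dslc-post-options-js-admin', DS_LIVE_COMPOSER_URL . 'includes/post-options-framework/js/main' . $min_suffix . '.js', array('jquery', 'jquery-ui-core', 'jquery-ui-datepicker'), DS_LIVE_COMPOSER_VER);

        if ('page' === get_post_type(get_the_ID()) && 'post.php' === $hook) {
            wp_localize_script('dslc-post-options-js-admin', 'tabData', array('tabTitle' => __('Page Builder', 'live-composer-page-builder')));
        }

        // NOTE(review): this stylesheet is pulled from a third-party CDN on every post
        // edit screen; bundling it locally would remove the external dependency from
        // the admin area.
        wp_enqueue_style('jquery-ui-datepicker', '//ajax.googleapis.com/ajax/libs/jqueryui/1.8.18/themes/smoothness/jquery-ui.css');
        wp_enqueue_style('dslc-post-options-css-admin', DS_LIVE_COMPOSER_URL . 'includes/post-options-framework/css/main' . $min_suffix . '.css', array(), DS_LIVE_COMPOSER_VER);

        /* If Yoast WP is active */
        if (defined('WPSEO_VERSION')) {
            wp_enqueue_script('dslc-yoast-seo-admin', DS_LIVE_COMPOSER_URL . 'js/builder.wpadmin/builder.yoast-seo.js', array(), DS_LIVE_COMPOSER_VER, true);
        }
    }

    /* If current screen is Live Composer options page */
    if ('dslc-options' === $current_screen) {
        wp_enqueue_script('dslc-plugin-options-js-admin', DS_LIVE_COMPOSER_URL . 'includes/plugin-options-framework/js/main' . $min_suffix . '.js', array('jquery'), DS_LIVE_COMPOSER_VER);
        wp_enqueue_style('dslc-plugin-options-css-admin', DS_LIVE_COMPOSER_URL . 'includes/plugin-options-framework/css/main' . $min_suffix . '.css', array(), DS_LIVE_COMPOSER_VER);
        // Nonce for the options-panel AJAX requests; the receiving handler is expected to verify it.
        wp_localize_script('dslc-plugin-options-js-admin', 'dslcajax', array('nonce' => wp_create_nonce('dslc-optionspanel-ajax')));
    }
}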
/**
 * Resolve the title of the admin page currently being displayed.
 *
 * Returns the global $title when it is already non-empty. Otherwise the title
 * is looked up in the top-level menu (when there is no parent page) or in
 * every registered submenu list (when there is one), matching the entry's
 * slug against the current file name or the "page" query argument. A found
 * title is also stored back into the global $title.
 *
 * @global string $title
 * @global array  $menu
 * @global array  $submenu
 * @global string $pagenow
 * @global string $plugin_page
 *
 * @return string Page title, or '' if none could be determined.
 */
function get_admin_page_title() {
    global $title, $menu, $submenu, $pagenow, $plugin_page;

    if (!empty($title)) {
        return $title;
    }

    $parent = get_admin_page_parent();

    // Gather the entries to inspect: top-level items without a parent,
    // otherwise the submenu lists of all parents, in registration order.
    $candidates = array();
    if (empty($parent)) {
        $candidates = $menu;
    } else {
        foreach ($submenu as $items) {
            foreach ($items as $item) {
                $candidates[] = $item;
            }
        }
    }

    foreach ($candidates as $entry) {
        // Index 3 holds the page title; entries without one cannot match.
        if (!isset($entry[3])) {
            continue;
        }
        $slug_matches = ($entry[2] == $pagenow)
            || (isset($plugin_page) && $plugin_page == $entry[2]);
        if ($slug_matches) {
            $title = $entry[3];
            return $title;
        }
    }

    return '';
}