예제 #1
/**
 * Builds the Role Scoper user object for the current request and makes sure
 * scoper_init() runs afterwards.
 *
 * Publishes $GLOBALS['current_rs_user'] as either a WP_Scoped_User (logged-in
 * user, or any visitor when SCOPER_ANON_METAGROUP is defined) or a
 * WP_Scoped_User_Anon. In the first case the 'groups' and
 * 'assigned_blog_roles' properties are copied onto $GLOBALS['current_user'].
 *
 * scoper_init() is then called directly if INIT_ACTION_DONE_RS is defined,
 * otherwise hooked to 'init' once per request (priority 3 when
 * SCOPER_EARLY_INIT is defined, else 50). Nothing further happens when
 * $GLOBALS['scoper'] is already populated.
 *
 * @return void
 */
function scoper_act_set_current_user()
{
    // Remembers, across calls in this request, that the init hook was already registered.
    static $init_hooked = false;

    $user_id = 0;
    if (!empty($GLOBALS['current_user'])) {
        $user_id = $GLOBALS['current_user']->ID;
    }

    if (defined('MULTISITE') && MULTISITE) {
        scoper_version_check();
    }

    if (!$user_id && !defined('SCOPER_ANON_METAGROUP')) {
        require_once dirname(__FILE__) . '/scoped-user_anon.php';
        $GLOBALS['current_rs_user'] = new WP_Scoped_User_Anon();
    } else {
        require_once dirname(__FILE__) . '/scoped-user.php';
        $GLOBALS['current_rs_user'] = new WP_Scoped_User($user_id);

        // Only these two are mirrored here; blog_roles, assigned_term_roles and
        // term_roles are set later, as they get populated.
        $GLOBALS['current_user']->groups = $GLOBALS['current_rs_user']->groups;
        $GLOBALS['current_user']->assigned_blog_roles = $GLOBALS['current_rs_user']->assigned_blog_roles;
    }

    // The order of the set_current_user and init actions seems unreliable, so
    // initialisation is driven from here, after the user object exists.
    if (!empty($GLOBALS['scoper'])) {
        return;
    }

    if (defined('INIT_ACTION_DONE_RS')) {
        scoper_init();
        return;
    }

    if ($init_hooked) {
        return;
    }
    $init_hooked = true;

    add_action('init', 'scoper_init', defined('SCOPER_EARLY_INIT') ? 3 : 50);
}
예제 #2
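 /**
  * Loads configuration and installs the capability, query, term and comment
  * interceptors that apply to the current request, then fires 'scoper_init'.
  *
  * Which interceptors are loaded depends on: whether the user is a content
  * administrator, whether the request is a rewritten direct file access
  * ('rs_rewrite' in the query string), whether query filtering is disabled
  * (DISABLE_QUERYFILTERS_RS, forced on under DOING_CRON), and whether the
  * request is front end, wp-admin or XML-RPC.
  *
  * Changes from the previous revision:
  *  - removed a stray `break` that sat outside any loop or switch (a fatal
  *    error on current PHP versions);
  *  - the 'rs_rewrite' test no longer treats a match at offset 0 as "absent"
  *    and tolerates a missing QUERY_STRING;
  *  - guarded the read of $GLOBALS['plugin_page_cr'], which may be unset.
  *
  * @return void
  */
 function init()
 {
     scoper_version_check();
     if (!isset($this->data_sources)) {
         $this->load_config();
     }
     $is_administrator = is_content_administrator_rs();

     // Cron runs never get query filtering.
     if (defined('DOING_CRON') && !defined('DISABLE_QUERYFILTERS_RS')) {
         define('DISABLE_QUERYFILTERS_RS', true);
     }

     // strpos() returns 0 for a match at the very start of the string, so compare
     // against false explicitly; QUERY_STRING can be absent outside a web request.
     // NOTE(review): this flag is a substring match on the client-supplied query
     // string and it selects the reduced filter set below (no main filters, basic
     // cap interceptor, no hardway filters). Confirm that reduced set is adequate
     // for any request that merely carries this token, not only rewritten file URLs.
     $query_string = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
     $this->direct_file_access = false !== strpos($query_string, 'rs_rewrite');
     if (!$this->direct_file_access) {
         $this->add_main_filters();
     }

     // ===== Special early exit if this is a plugin install script
     // NOTE(review): is_admin() reports that an admin screen was requested, not that
     // the user holds any capability; confirm whether the cache flush below should
     // be gated on a capability check.
     if (is_admin() && in_array($GLOBALS['pagenow'], array('plugin-install.php', 'plugin-editor.php'), true)) {
         // flush RS cache on activation of any plugin, in case we cached results based on its presence / absence
         if (!empty($_POST) || !empty($_REQUEST['action'])) {
             if (!empty($_POST['networkwide']) || 'plugin-editor.php' === $GLOBALS['pagenow']) {
                 wpp_cache_flush_all_sites();
             } else {
                 wpp_cache_flush();
             }
         }
         do_action('scoper_init');
         // no further filtering on WP plugin maintenance scripts
         return;
     }
     // =====

     // .htaccess file is always there, so we always need to handle its rewrites
     require_once dirname(__FILE__) . '/attachment-interceptor_rs.php';
     $GLOBALS['attachment_interceptor'] = new AttachmentInterceptor_RS();

     // ===== Content Filters to limit/enable the current user
     $disable_queryfilters = defined('DISABLE_QUERYFILTERS_RS');
     if ($disable_queryfilters) {
         // Some wp-admin pages need to list pages or categories based on front-end access.  Classic example is Subscribe2 categories checklist, included in Subscriber profile
         // In that case, filtering will be applied even if wp-admin filtering is disabled.  API hook enables other plugins to define their own "always filter" URIs.
         // NOTE(review): the entries are compared for equality with $pagenow / $plugin_page_cr;
         // the default 'p-admin/profile.php' looks like a URI fragment meant for a substring
         // match and may never equal either value - confirm against the filter's consumers.
         $always_filter_uris = apply_filters('scoper_always_filter_uris', array('p-admin/profile.php'));
         $plugin_page_listed = isset($GLOBALS['plugin_page_cr']) && in_array($GLOBALS['plugin_page_cr'], $always_filter_uris);
         if (in_array($GLOBALS['pagenow'], $always_filter_uris) || $plugin_page_listed) {
             $disable_queryfilters = false;
         }
     }

     // register a map_meta_cap filter to handle the type-specific meta caps we are forcing
     require_once dirname(__FILE__) . '/meta_caps_rs.php';

     if (!$disable_queryfilters) {
         if (!$is_administrator) {
             if ($this->direct_file_access) {
                 // only need to support basic read_post / read_page check for direct file access
                 require_once dirname(__FILE__) . '/cap-interceptor-basic_rs.php';
                 $GLOBALS['cap_interceptor_basic'] = new CapInterceptorBasic_RS();
             } else {
                 require_once dirname(__FILE__) . '/cap-interceptor_rs.php';
                 $GLOBALS['cap_interceptor'] = new CapInterceptor_RS();
             }
         }
         // (also use content filters on front end to FILTER IN private content which WP inappropriately hides from administrators)
         if (!$is_administrator || $this->is_front()) {
             require_once dirname(__FILE__) . '/query-interceptor_rs.php';
             $GLOBALS['query_interceptor'] = new QueryInterceptor_RS();
         }
         if (!$this->direct_file_access && (!$is_administrator || !defined('XMLRPC_REQUEST'))) {
             // don't tempt trouble by adding hardway filters on XMLRPC for logged administrator
             $this->add_hardway_filters();
             if ($this->is_front() || !$is_administrator) {
                 require_once dirname(__FILE__) . '/terms-query-lib_rs.php';
                 if (awp_ver('3.1') && !defined('SCOPER_LEGACY_TERMS_FILTER')) {
                     require_once dirname(__FILE__) . '/terms-interceptor_rs.php';
                     $GLOBALS['terms_interceptor'] = new TermsInterceptor_RS();
                 } else {
                     require_once dirname(__FILE__) . '/hardway/hardway-taxonomy-legacy_rs.php';
                 }
             }
         }
     }
     // endif query filtering not disabled for this access type

     // Comment filtering: administrators get the administrator variant on the front end only.
     if ($is_administrator) {
         if ($this->is_front()) {
             require_once 'comments-int-administrator_rs.php';
         }
     } else {
         require_once 'comments-interceptor_rs.php';
     }
     if (is_admin()) {
         $this->add_admin_ui_filters($is_administrator);
     }
     do_action('scoper_init');
     // ===== end Content Filters
 }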