public static function exception_scripts() { if (!current_user_can('pp_assign_roles') && !pp_bulk_roles_enabled()) { return array(); } $vars = array('addExceptions' => __('Add Exceptions', 'pp'), 'clearException' => __('clear', 'pp'), 'pleaseReview' => __('Review selection(s) below, then click Save.', 'pp'), 'alreadyException' => __('Exception already selected!', 'pp'), 'noAction' => __('No Action selected!', 'pp'), 'submissionMsg' => __('Exception submission in progress...', 'pp'), 'reloadRequired' => __('Reload form for further changes to this exception', 'pp'), 'noMode' => __('No Assignment Mode selected!', 'pp'), 'ajaxurl' => admin_url('')); $vars['agentType'] = isset($_REQUEST['agent_type']) ? pp_sanitize_key($_REQUEST['agent_type']) : 'pp_group'; $vars['agentID'] = isset($_REQUEST['agent_id']) ? (int) $_REQUEST['agent_id'] : 0; //$vars['agentID'] = ( isset($_REQUEST['group_id']) ) ? $_REQUEST['group_id'] : 0; // Simulate Nav Menu setup require_once dirname(__FILE__) . '/includes/item-menu_pp.php'; /* if ( ! pp_wp_ver( '3.3' ) ) { global $wp_styles; $wp_styles->add( 'nav-menu', "/wp-admin/css/nav-menu.css" ); wp_admin_css( 'nav-menu' ); } */ $vars['noItems'] = __('No items selected!', 'pp'); $suffix = defined('SCRIPT_DEBUG') && SCRIPT_DEBUG ? '.dev' : ''; //wp_enqueue_script( 'nav-menu' ); wp_enqueue_script('pp-item-menu', PP_URLPATH . "/admin/js/pp-item-menu{$suffix}.js", array('jquery', 'jquery-form'), PPC_VERSION); wp_localize_script('pp-item-menu', 'ppItems', array('ajaxurl' => admin_url(''), 'noResultsFound' => __('No results found.', 'pp'))); wp_enqueue_script('pp_exception_edit', PP_URLPATH . "/admin/js/pp_exception_edit{$suffix}.js", array('jquery', 'jquery-form'), PPC_VERSION); wp_localize_script('pp_exception_edit', 'ppRestrict', $vars); wp_enqueue_script('common'); wp_enqueue_script('postbox'); return $vars; }
public static function activate_key() { if (PP_MULTISITE && !is_super_admin() && (pp_is_network_activated(PPC_BASENAME) || pp_is_mu_plugin(PPC_FILE))) { return; } require_once dirname(__FILE__) . '/plugin_pp.php'; $request_vars = array('key' => pp_sanitize_key($_GET['key']), 'site' => site_url('')); $response = PP_Plugin_Status::callhome('activate-key', $request_vars); $result = json_decode($response); if ($result[0] == "1") { pp_update_option('support_key', $result); } echo $response; exit; }
function __construct() { global $_wp_column_headers; $screen = get_current_screen(); // clear out empty entry from initial admin_header.php execution if (isset($_wp_column_headers[$screen->id])) { unset($_wp_column_headers[$screen->id]); } parent::__construct(array('singular' => 'group', 'plural' => 'groups')); if (empty($_REQUEST['agent_type'])) { if (!($this->agent_type = apply_filters('pp_query_group_type', ''))) { $this->agent_type = 'pp_group'; } } else { $this->agent_type = pp_sanitize_key($_REQUEST['agent_type']); } }
public static function add_user_groups($user_id, $omit_group_ids = array()) { $group_types = pp_get_group_types(array('editable' => true)); //foreach( apply_filters( 'pp_membership_editable_group_types', array( 'pp_group' ) ) as $agent_type ) { foreach (pp_get_group_types(array('editable' => true)) as $agent_type) { if ('pp_group' == $agent_type && in_array('pp_net_group', $group_types)) { continue; } if (empty($_POST[$agent_type])) { continue; } //if ( ! pp_has_group_cap( 'pp_manage_members', 0, $agent_type ) ) // continue; global $pp_current_user; $status = isset($_POST['pp_membership_status']) ? pp_sanitize_key($_POST['pp_membership_status']) : 'active'; if ($user_id == $pp_current_user->ID) { $stored_groups = (array) $pp_current_user->groups[$agent_type]; } else { $user = pp_get_user($user_id, '', array('skip_role_merge' => 1)); $stored_groups = isset($user->groups[$agent_type]) ? (array) $user->groups[$agent_type] : array(); } // by retrieving filtered groups here, user will only modify membership for groups they can administer $is_administrator = pp_is_user_administrator(); $posted_groups = isset($_POST[$agent_type]) ? $_POST[$agent_type] : array(); if ($omit_group_ids) { $posted_groups = array_diff($posted_groups, $omit_group_ids); } foreach ($posted_groups as $group_id) { if (isset($stored_groups[$group_id])) { continue; } if (pp_has_group_cap('pp_manage_members', $group_id, $agent_type)) { $args = compact('agent_type', 'status'); $args = apply_filters('pp_add_group_args', $args, $group_id); pp_add_group_user((int) $group_id, $user_id, $args); } } } }
function pp_register_extension($slug, $label, $basename, $version, $min_pp_version = '0', $min_wp_version = '0') { global $pp_extensions, $pp_min_ext_version; $slug = pp_sanitize_key($slug); if (!isset($pp_extensions) || !is_array($pp_extensions)) { $pp_extensions = array(); } // avoid lockout in case of editing plugin via wp-admin if (constant('PP_DEBUG') && is_admin() && ppc_editing_plugin()) { return false; } $register = true; $error = false; if (!pp_wp_ver($min_wp_version)) { require_once dirname(__FILE__) . '/lib/error_pp.php'; $error = PP_Error::old_wp($label, $min_wp_version); $register = false; } elseif (version_compare(PPC_VERSION, $min_pp_version, '<')) { require_once dirname(__FILE__) . '/lib/error_pp.php'; $error = PP_Error::old_pp($label, $min_pp_version); $register = false; } elseif (!empty($pp_min_ext_version[$slug]) && version_compare($version, $pp_min_ext_version[$slug], '<')) { if (is_admin()) { require_once dirname(__FILE__) . '/lib/error_pp.php'; $error = PP_Error::old_extension($label, $pp_min_ext_version[$slug]); // but still register extension so it can be updated! } else { $error = true; $register = false; } } if ($register) { $version = pp_sanitize_word($version); $pp_extensions[$slug] = (object) compact('slug', 'version', 'label', 'basename'); } return !$error; }
function act_prep_metaboxes() { global $tag_ID; if (empty($tag_ID)) { return; } static $been_here; if (isset($been_here)) { return; } $been_here = true; global $typenow; // pp_find_post_type(); $post_type = !empty($_REQUEST['pp_universal']) ? '' : $typenow; $taxonomy = isset($_REQUEST['taxonomy']) ? pp_sanitize_key($_REQUEST['taxonomy']) : ''; //$is_administrator = pp_is_user_administrator(); //$can_admin_object = $is_administrator || $pp_admin->user_can_admin_object('post', $object_id, $object_type); if (current_user_can('pp_assign_roles')) { $this->init_item_exceptions_ui(); $tt_id = pp_termid_to_ttid($tag_ID, $taxonomy); $args = array('for_item_type' => $post_type, 'hierarchical' => is_taxonomy_hierarchical($post_type)); // via_src, for_src, via_type, item_id, args $this->item_exceptions_ui->data->load_exceptions('term', 'post', $taxonomy, $tt_id, $args); do_action('pp_prep_metaboxes', 'term', $taxonomy, $tt_id); } }
function menu_handler() { $pp_page = pp_sanitize_key($_GET['page']); if (in_array($pp_page, array('pp-settings', 'pp-groups', 'pp-users', 'pp-edit-permit', 'pp-edit-permissions', 'pp-group-new', 'pp-about', 'pp-attachments_utility'))) { include_once PPC_ABSPATH . "/admin/{$pp_page}.php"; if ('pp-settings' == $pp_page) { pp_options(); } } do_action('pp_menu_handler', $pp_page); }
<?php if (!defined('ABSPATH')) { exit; } // Exit if accessed directly if (!pp_bulk_roles_enabled()) { exit; } global $wpdb; $html = ''; $agent_type = !empty($_GET['agent_type']) ? pp_sanitize_key($_GET['agent_type']) : ''; $agent_id = !empty($_GET['agent_id']) ? (int) $_GET['agent_id'] : 0; // safeguard prevents accidental modification of roles for other groups / users if ($agent_type && $agent_id) { $agent_clause = "agent_type = '{$agent_type}' AND agent_id = '{$agent_id}' AND"; } else { $agent_clause = ''; } $action = $_GET['pp_ajax_submission']; switch ($action) { case 'roles_remove': if (empty($_GET['pp_ass_ids'])) { exit; } if (!current_user_can('pp_assign_roles') || !pp_bulk_roles_enabled()) { exit; } $deleted_ass_ids = array(); $input_vals = explode('|', pp_sanitize_csv($_GET['pp_ass_ids'])); foreach ($input_vals as $id_csv) {
if (!empty($pp_admin->errors) && is_wp_error($pp_admin->errors)) { ?> <div class="error"><p><?php echo implode("</p>\n<p>", $pp_admin->errors->get_error_messages()); ?> </p></div> <?php } ?> <div class="wrap" id="group-profile-page"> <?php pp_icon(); ?> <h2><?php $agent_type = isset($_REQUEST['agent_type']) && pp_group_type_editable($_REQUEST['agent_type']) ? pp_sanitize_key($_REQUEST['agent_type']) : 'pp_group'; if ('pp_group' == $agent_type || !($group_type_obj = pp_get_group_type_object($agent_type))) { _e('Create New Permission Group', 'pp'); } else { printf(__('Create New %s', 'pp'), $group_type_obj->labels->singular_name); } ?> </h2> <form action="" method="post" id="creategroup" name="creategroup" class="pp-admin"> <input name="action" type="hidden" value="creategroup" /> <input name="agent_type" type="hidden" value="<?php echo $agent_type; ?> " /> <?php
function _ppc_count_assigned_exceptions($agent_type, $args = array()) { global $wpdb; $defaults = array('query_agent_ids' => false, 'join_groups' => true); extract(array_merge($defaults, $args), EXTR_SKIP); $item_types = array_merge(pp_get_enabled_post_types(), pp_get_enabled_taxonomies(), pp_get_group_types(array('editable' => true))); $type_clause = "AND e.for_item_type IN ('','" . implode("','", $item_types) . "')"; $type_clause .= " AND e.via_item_type IN ('','" . implode("','", $item_types) . "')"; $ops_clause = "AND operation IN ('" . implode("','", pp_get_operations()) . "')"; $count = array(); $agent_type = pp_sanitize_key($agent_type); if ('user' == $agent_type && $join_groups) { $results = array(); foreach (pp_get_group_types(array(), 'object') as $group_type => $gtype_obj) { global $wpdb; if (!empty($gtype_obj->schema['members'])) { extract($gtype_obj->schema['members']); // members_table, col_group, col_user } else { $members_table = $wpdb->pp_group_members; $col_member_group = 'group_id'; $col_member_user = '******'; } $agent_clause = $query_agent_ids ? "AND gm.{$col_member_user} IN ('" . implode("','", (array) $query_agent_ids) . "')" : ''; if ('groups_only' === $join_groups || 'pp_group' != $group_type) { $agent_type_clause = "( e.agent_type = '{$group_type}' AND gm.{$col_member_group} = e.agent_id )"; } else { $agent_type_clause = "( e.agent_type = 'user' AND gm.user_id = e.agent_id ) OR ( e.agent_type = 'pp_group' AND gm.group_id = e.agent_id )"; } $_results = $wpdb->get_results("SELECT gm.{$col_member_user} as qry_agent_id, e.exception_id, e.for_item_source, e.for_item_type, e.via_item_type, e.operation, COUNT(DISTINCT i.exception_id, i.item_id) AS exc_count FROM {$wpdb->ppc_exception_items} AS i INNER JOIN {$wpdb->ppc_exceptions} AS e ON i.exception_id = e.exception_id INNER JOIN {$members_table} AS gm ON ( {$agent_type_clause} ) WHERE i.inherited_from = '0' {$ops_clause} {$type_clause} {$agent_clause} GROUP BY qry_agent_id, e.for_item_source, e.for_item_type, e.operation"); $results = array_merge($results, $_results); } } else { $agent_clause = $query_agent_ids ? "AND e.agent_id IN ('" . implode("','", (array) $query_agent_ids) . "')" : ''; $results = $wpdb->get_results("SELECT e.agent_id AS qry_agent_id, e.exception_id, e.for_item_source, e.for_item_type, e.operation, e.via_item_type, COUNT(DISTINCT i.exception_id, i.item_id) AS exc_count FROM {$wpdb->ppc_exception_items} AS i INNER JOIN {$wpdb->ppc_exceptions} AS e ON i.exception_id = e.exception_id WHERE i.inherited_from = '0' AND e.agent_type = '{$agent_type}' {$ops_clause} {$type_clause} {$agent_clause} GROUP BY qry_agent_id, e.for_item_source, e.for_item_type, e.operation"); } foreach ($results as $row) { if (!$row->for_item_type) { $type_label = ''; } else { if (!($type_obj = pp_get_type_object($row->for_item_source, $row->for_item_type))) { continue; } $type_label = $type_obj->labels->singular_name; } if ($op_obj = pp_get_op_object($row->operation, $row->for_item_type)) { if ('assign' == $row->operation) { if ($tx_obj = get_taxonomy($row->via_item_type)) { $lbl = str_replace('Term', $tx_obj->labels->singular_name, $op_obj->label); } else { $lbl = $op_obj->label; } //$lbl = sprintf( __('%2$s: %1$s', 'pp'), $op_lbl, $type_label ); } elseif (isset($op_obj->abbrev)) { $lbl = $op_obj->abbrev; } else { $lbl = sprintf(__('%1$s %2$s', 'pp'), $op_obj->label, $type_label); } } else { $lbl = $type_label; } if (!isset($count[$row->qry_agent_id]['exceptions'][$lbl])) { $count[$row->qry_agent_id]['exceptions'][$lbl] = 0; } $count[$row->qry_agent_id]['exceptions'][$lbl] += $row->exc_count; if (!isset($count[$row->qry_agent_id]['exc_count'])) { $count[$row->qry_agent_id]['exc_count'] = 0; } $count[$row->qry_agent_id]['exc_count'] += $row->exc_count; } return $count; }
function log_term_data() { global $wp_object_cache, $wpdb, $pp, $typenow; $taxonomy = pp_sanitize_key($_REQUEST['taxonomy']); if (!empty($wp_object_cache->cache[$taxonomy])) { if (isset($wp_object_cache->cache[$taxonomy])) { // Note: As of WP 3.5, array is keyed "blog_id:term_id" on Multisite installs $listed_term_ids = array(); foreach ($wp_object_cache->cache[$taxonomy] as $term) { $listed_tt_ids[] = $term->term_taxonomy_id; } } if (empty($_REQUEST['paged'])) { $listed_tt_ids[] = 0; } } else { return; } if (!empty($_REQUEST['pp_universal'])) { $typenow = ''; } elseif (empty($typenow)) { $typenow = isset($_REQUEST['post_type']) ? pp_sanitize_key($_REQUEST['post_type']) : ''; } $this->exceptions = array(); if (!empty($listed_tt_ids)) { $agent_type_csv = implode("','", array_merge(array('user'), pp_get_group_types())); $id_csv = implode("','", $listed_tt_ids); $post_type = !empty($_REQUEST['pp_universal']) ? '' : $typenow; $for_type_csv = $typenow ? "'{$post_type}'" : "'', '{$taxonomy}'"; $results = $wpdb->get_results("SELECT DISTINCT i.item_id, e.operation FROM {$wpdb->ppc_exceptions} AS e INNER JOIN {$wpdb->ppc_exception_items} AS i ON e.exception_id = i.exception_id WHERE e.for_item_type IN ({$for_type_csv}) AND e.via_item_source = 'term' AND e.via_item_type = '{$taxonomy}' AND e.agent_type IN ('{$agent_type_csv}') AND i.item_id IN ('{$id_csv}')"); foreach ($results as $row) { if (!isset($this->exceptions[$row->item_id])) { $this->exceptions[$row->item_id] = array(); } $this->exceptions[$row->item_id][] = $row->operation; } } }
define('PP_MAX_DATE_STRING', '2035-01-01 00:00:00'); $dir = dirname(__FILE__); require_once "{$dir}/lib/agapetry_lib.php"; require_once "{$dir}/api_pp.php"; require_once "{$dir}/defaults_pp.php"; require_once "{$dir}/defaults_ppx.php"; require_once "{$dir}/db-config_pp.php"; if (PP_MULTISITE) { $func = "require('" . dirname(__FILE__) . "/db-config_pp.php');"; add_action('switch_blog', create_function('', $func)); } add_action('set_current_user', '_pp_act_set_current_user', 99); add_action('init', '_pp_act_on_init', 50); global $pp_plugin_page, $pp_default_options, $pp_netwide_options, $pp_role_defs; // ensure plugin_page is available immediately $pp_plugin_page = is_admin() && isset($_GET['page']) ? pp_sanitize_key($_GET['page']) : ''; pp_refresh_options(); // retrieve stored options $pp_default_options = pp_default_options(); if (PP_MULTISITE) { $pp_netwide_options = apply_filters('pp_netwide_options', array('support_key', 'beta_updates')); } pp_register_group_type('pp_group', is_admin() ? array('labels' => (object) array('name' => __('Groups', 'pp'), 'singular_name' => __('Group', 'pp'))) : array()); if (defined('SSEO_VERSION')) { require_once dirname(__FILE__) . '/eyes-only-helper_pp.php'; } if (is_admin()) { require_once $dir . '/admin/admin-load_pp.php'; } else { add_action('pp_pre_init', '_pp_enable_attachment_metacap_workaround'); }
/** * Prepare the query variables * * @access private */ function prepare_query() { global $wpdb; $qv =& $this->query_vars; $groups_table = apply_filters('pp_use_groups_table', $wpdb->pp_groups, $this->agent_type); if (is_array($qv['fields'])) { $qv['fields'] = array_unique($qv['fields']); $this->query_fields = array(); foreach ($qv['fields'] as $field) { $this->query_fields[] = $groups_table . '.' . esc_sql($field); } $this->query_fields = implode(',', $this->query_fields); } elseif ('all' == $qv['fields']) { $this->query_fields = "{$groups_table}.*"; } else { $this->query_fields = "{$groups_table}.ID"; } $this->query_from = "FROM {$groups_table}"; $this->query_where = "WHERE 1=1"; $group_variant = isset($_REQUEST['group_variant']) ? pp_sanitize_key($_REQUEST['group_variant']) : ''; $group_variant = apply_filters('pp_query_group_variant', $group_variant); $require_meta_types = array(); if ('wp_role' == $group_variant) { $require_meta_types[] = 'wp_role'; } if ($require_meta_types) { $this->query_where .= " AND {$groups_table}.metagroup_type IN ('" . implode("','", $require_meta_types) . "')"; } $skip_meta_types = array(); if ($group_variant && 'wp_role' != $group_variant) { $skip_meta_types[] = 'wp_role'; } else { $pp_only_roles = (array) pp_get_option('supplemental_role_defs'); if (defined('CAPSMAN_ENH_VERSION') && version_compare(CAPSMAN_ENH_VERSION, '1.4.10', '<')) { // version 1.4.9 and earlier stored redundant elements $_pp_only_roles = (array) $pp_only_roles; $pp_only_roles = array_unique($pp_only_roles); if (count($pp_only_roles) != count($_pp_only_roles)) { pp_update_option('supplemental_role_defs', $pp_only_roles); } } if (pp_get_option('anonymous_unfiltered')) { $pp_only_roles = array_merge($pp_only_roles, array('wp_anon', 'wp_all')); } $pp_only_roles = implode("','", $pp_only_roles); $this->query_where .= " AND ( ( {$groups_table}.metagroup_type != 'wp_role' ) OR ( {$groups_table}.metagroup_id NOT IN ( '{$pp_only_roles}' ) ) )"; } if ($skip_meta_types) { $this->query_where .= " AND {$groups_table}.metagroup_type NOT IN ('" . implode("','", $skip_meta_types) . "')"; } global $wp_roles; $admin_roles = array(); if (isset($wp_roles->role_objects)) { foreach (array_keys($wp_roles->role_objects) as $wp_role_name) { if (!empty($wp_roles->role_objects[$wp_role_name]->capabilities['pp_administer_content']) || !empty($wp_roles->role_objects[$wp_role_name]->capabilities['pp_unfiltered'])) { $admin_roles[$wp_role_name] = true; } } } if ($admin_roles) { $this->query_where .= " AND {$groups_table}.metagroup_id NOT IN ('" . implode("','", array_keys($admin_roles)) . "')"; } $skip_meta_ids = array(); if (!defined('RVY_VERSION') || defined('SCOPER_DEFAULT_MONITOR_GROUPS') || defined('PP_DEFAULT_MONITOR_GROUPS')) { $skip_meta_ids = array_merge($skip_meta_ids, array('rv_pending_rev_notice_ed_nr_', 'rv_scheduled_rev_notice_ed_nr_')); } if ($skip_meta_ids) { $this->query_where .= " AND {$groups_table}.metagroup_id NOT IN ('" . implode("','", $skip_meta_ids) . "')"; } //$this->query_where .= "AND $groups_table.metagroup_id != 'wp_anon'"; // sorting if ('ID' == $qv['orderby'] || 'id' == $qv['orderby']) { $orderby = 'ID'; } else { $orderby = 'group_name'; } $qv['order'] = strtoupper($qv['order']); if ('ASC' == $qv['order']) { $order = 'ASC'; } else { $order = 'DESC'; } $this->query_orderby = "ORDER BY {$orderby} {$order}"; // limit if ($qv['number']) { if ($qv['offset']) { $this->query_limit = $wpdb->prepare("LIMIT %d, %d", $qv['offset'], $qv['number']); } else { $this->query_limit = $wpdb->prepare("LIMIT %d", $qv['number']); } } $search = trim($qv['search']); if ($search) { $leading_wild = ltrim($search, '*') != $search; $trailing_wild = rtrim($search, '*') != $search; if ($leading_wild && $trailing_wild) { $wild = 'both'; } elseif ($leading_wild) { $wild = 'leading'; } elseif ($trailing_wild) { $wild = 'trailing'; } else { $wild = false; } if ($wild) { $search = trim($search, '*'); } if (is_numeric($search)) { $search_columns = array('ID'); } else { $search_columns = array('group_name'); } $this->query_where .= $this->get_search_sql($search, $search_columns, $wild); } // if user cannot edit all groups, filter displayed groups based on group-specific role assignments if (!pp_is_user_administrator()) { $reqd_caps = apply_filters('pp_edit_groups_reqd_caps', 'pp_manage_members', 'edit-group'); if (!current_user_can($reqd_caps)) { global $wpdb, $pp_current_user; $exc_agent_type = in_array($this->agent_type, array('pp_group', 'pp_net_group')) ? 'pp_group' : $this->agent_type; $group_ids = isset($pp_current_user->except['manage_' . $exc_agent_type][$exc_agent_type]['']['additional'][$exc_agent_type]['']) ? $pp_current_user->except['manage_' . $exc_agent_type][$exc_agent_type]['']['additional'][$exc_agent_type][''] : array(); $this->query_where .= " AND {$groups_table}.ID IN ('" . implode("','", $group_ids) . "')"; } } $blog_id = absint($qv['blog_id']); if (!empty($qv['include'])) { $ids = implode(',', wp_parse_id_list($qv['include'])); $this->query_where .= " AND {$groups_table}.ID IN ({$ids})"; } elseif (!empty($qv['exclude'])) { $ids = implode(',', wp_parse_id_list($qv['exclude'])); $this->query_where .= " AND {$groups_table}.ID NOT IN ({$ids})"; } do_action_ref_array('pp_pre_group_query', array(&$this)); }
if ('pp_group' == $agent_type || !($group_type_obj = pp_get_group_type_object($agent_type))) { $groups_caption = defined('PP_GROUPS_CAPTION') ? PP_GROUPS_CAPTION : __('Permission Groups', 'pp'); } else { $groups_caption = $group_type_obj->labels->name; } echo esc_html($groups_caption); /* if ( current_user_can( 'pp_edit_groups' ) ) { if ( PP_MULTISITE && pp_get_option('ms_netwide_groups') ) $url = 'users.php'; else $url = 'admin.php'; } */ $url = 'admin.php'; $group_variant = isset($_REQUEST['group_variant']) ? pp_sanitize_key($_REQUEST['group_variant']) : 'pp_group'; if (pp_group_type_editable($group_variant) && current_user_can('pp_create_groups')) { ?> <a href="<?php echo add_query_arg(array('agent_type' => $agent_type, 'page' => 'pp-group-new'), $url); ?> " class="add-new-h2"><?php echo esc_html(__ppw('Add New')); ?> </a> <?php } echo '</h2>'; if (pp_get_option('display_hints')) { echo '<div class="pp-hint">'; if (defined('PP_GROUPS_HINT')) {
public static function insert_exceptions($mod_type, $operation, $via_item_source, $via_item_type, $for_item_source, $for_item_type, $item_id, $agent_type, $agents, $args) { $defaults = array('assign_for' => 'item', 'remove_assignments' => false, 'for_item_status' => '', 'mod_type' => '', 'inherited_from' => array(), 'is_auto_insertion' => false); // auto_insertion arg set for propagation from parent objects $args = array_merge($defaults, (array) $args); extract($args, EXTR_SKIP); if (!$agents) { return; } global $wpdb, $current_user; $updated_items = array(); // for use with do_action hook $updated_items[] = $item_id; $assigner_id = $current_user->ID; $operation = pp_sanitize_key($operation); $via_item_source = pp_sanitize_key($via_item_source); $for_item_source = pp_sanitize_key($for_item_source); $for_item_type = pp_sanitize_key($for_item_type); $item_id = (int) $item_id; $agent_type = pp_sanitize_key($agent_type); $mod_type = pp_sanitize_key($mod_type); $via_item_type = pp_sanitize_key($via_item_type); $for_item_status = pp_sanitize_csv($for_item_status); $assign_for = pp_sanitize_key($assign_for); if ('children' == $assign_for) { if ('term' == $via_item_source) { $descendant_ids = array(); if ($_term = $wpdb->get_row("SELECT term_id, taxonomy FROM {$wpdb->term_taxonomy} WHERE term_taxonomy_id = '{$item_id}' LIMIT 1")) { if ($_term_ids = pp_get_descendant_ids('term', $_term->term_id)) { $descendant_ids = pp_termid_to_ttid($_term_ids, $_term->taxonomy); } } } else { $descendant_ids = pp_get_descendant_ids($via_item_source, $item_id, array('include_attachments' => false)); // don't propagate page exceptions to attachments } if ($descendant_ids) { // TODO: reinstate this? /* global $pp_admin; if ( ! $is_auto_insertion ) { // don't allow a page parent change to modify role assignments for a descendant object which the current user can't administer $remove_ids = array(); foreach ( $descendant_ids as $id ) { if ( 'term' == $scope ) { if ( ! $pp_admin->user_can_admin_terms($item_source, $id) ) // TODO: add $args with 'taxonomy' $remove_ids []= $id; } else { if ( ! $pp_admin->user_can_admin_object( $item_source, $id ) ) $remove_ids []= $id; } } $descendant_ids = array_diff( $descendant_ids, $remove_ids ); } */ $descendant_id_csv = implode("','", $descendant_ids); } } // Before inserting an exception, delete any overlooked old exceptions for the same src/type/status. $match_cols = compact('mod_type', 'for_item_source', 'for_item_status', 'operation', 'agent_type', 'via_item_source', 'via_item_type'); $_clauses = array(); foreach ($match_cols as $col => $val) { $_clauses[] = "{$col} = '{$val}'"; } $qry_exc_select_base = "SELECT * FROM {$wpdb->ppc_exceptions} WHERE " . implode(' AND ', $_clauses); $qry_exc_select_type_base = "SELECT for_item_type, exception_id FROM {$wpdb->ppc_exceptions} WHERE " . implode(' AND ', $_clauses); $insert_exc_data = $match_cols; $insert_exc_data['assigner_id'] = $assigner_id; $qry_item_select_base = "SELECT eitem_id FROM {$wpdb->ppc_exception_items} WHERE assign_for = '{$assign_for}' AND item_id = '{$item_id}'"; $qry_item_delete_base = "SELECT eitem_id FROM {$wpdb->ppc_exception_items} WHERE 1=1"; foreach (array_keys($agents) as $agent_id) { $agent_id = (int) $agent_id; // first, retrieve or create the pp_exceptions record for this user/group and src,type,status if (!($exc = $wpdb->get_row("{$qry_exc_select_base} AND for_item_type = '{$for_item_type}' AND agent_id = '{$agent_id}'"))) { $insert_exc_data['agent_id'] = $agent_id; $insert_exc_data['for_item_type'] = $for_item_type; $wpdb->insert($wpdb->ppc_exceptions, $insert_exc_data); $exception_id = $wpdb->insert_id; } else { $exception_id = $exc->exception_id; } $this_inherited_from = isset($inherited_from[$agent_id]) ? $inherited_from[$agent_id] : 0; // delete any existing items for this exception_id if ($eitem_ids = $wpdb->get_col($qry_item_select_base . " AND exception_id = '{$exception_id}'")) { self::remove_exception_items_by_id($eitem_ids); } // insert exception items $item_data = compact('item_id', 'assign_for', 'exception_id', 'assigner_id'); $item_data['inherited_from'] = $this_inherited_from; $wpdb->insert($wpdb->ppc_exception_items, $item_data); do_action('pp_inserted_exception_item', array_merge((array) $exc, $item_data)); $assignment_id = $wpdb->insert_id; // insert exception for all descendant items if ('children' == $assign_for && $descendant_ids) { if (!$this_inherited_from) { $this_inherited_from = (int) $assignment_id; //$role_arr['inherited_from'] = $this_inherited_from; } $exceptions_by_type = array(); $_results = $wpdb->get_results("{$qry_exc_select_type_base} AND for_item_type = '{$for_item_type}' AND agent_id = '{$agent_id}'"); foreach ($_results as $row) { $exceptions_by_type[$row->for_item_type] = $row->exception_id; } if ('term' == $via_item_source && taxonomy_exists($for_item_type)) { // need to allow for descendants of a different post type than parent $descendant_types = $wpdb->get_results("SELECT term_taxonomy_id, taxonomy AS for_item_type FROM {$wpdb->term_taxonomy} WHERE term_taxonomy_id IN ('" . implode("','", $descendant_ids) . "')", OBJECT_K); } elseif ('post' == $via_item_source) { $descendant_types = $wpdb->get_results("SELECT ID, post_type AS for_item_type FROM {$wpdb->posts} WHERE ID IN ('" . implode("','", $descendant_ids) . "')", OBJECT_K); } else { $descendant_types = array(); } foreach ($descendant_ids as $id) { if ($for_item_type) { // allow for descendants with post type different from parent if (!isset($descendant_types[$id])) { $child_for_item_type = $for_item_type; // if child type could not be determined, assume parent type } elseif ('revision' == $descendant_types[$id]->for_item_type) { continue; } else { $child_for_item_type = $descendant_types[$id]->for_item_type; } } else { $child_for_item_type = ''; } if (!isset($exceptions_by_type[$child_for_item_type])) { $insert_exc_data['agent_id'] = $agent_id; $insert_exc_data['for_item_type'] = $child_for_item_type; $wpdb->insert($wpdb->ppc_exceptions, $insert_exc_data); $exceptions_by_type[$child_for_item_type] = $wpdb->insert_id; } $child_exception_id = $exceptions_by_type[$child_for_item_type]; // Don't overwrite an explicitly assigned exception with a propagated exception if (!defined('PP_FORCE_EXCEPTION_OVERWRITE') || !PP_FORCE_EXCEPTION_OVERWRITE) { $have_direct_assignments = $wpdb->get_col("SELECT item_id FROM {$wpdb->ppc_exception_items} WHERE exception_id = '{$child_exception_id}' AND inherited_from = '0' AND item_id IN ('{$descendant_id_csv}')"); if (in_array($id, $have_direct_assignments)) { continue; } } if ($eitem_ids = $wpdb->get_col($qry_item_delete_base . " AND exception_id = '{$child_exception_id}' AND item_id = '{$id}'")) { self::remove_exception_items_by_id($eitem_ids); } // note: Propagated roles will be converted to direct-assigned roles if the parent object/term is deleted. //$role_arr['item_id'] = $id; $item_data = array('item_id' => $id, 'assign_for' => 'item', 'exception_id' => $child_exception_id, 'inherited_from' => $this_inherited_from, 'assigner_id' => $assigner_id); $wpdb->insert($wpdb->ppc_exception_items, $item_data); do_action('pp_inserted_exception_item', array_merge((array) $exc, $item_data)); //if ( $role_hooks ) { // $assignment_id = $wpdb->insert_id; // $role_arr['assign_for'] = 'item'; //} $item_data['assign_for'] = 'children'; $wpdb->insert($wpdb->ppc_exception_items, $item_data); do_action('pp_inserted_exception_item', array_merge((array) $exc, $item_data)); //if ( $role_hooks ) { // $assignment_id = $wpdb->insert_id; // $role_arr['assign_for'] = 'children'; //} $updated_items[] = $id; } } } // end foreach agent_id return $updated_items; }
<?php if (empty($_GET['pp_for_type'])) { exit; } if (!pp_bulk_roles_enabled()) { exit; } $agent_type = pp_sanitize_key($_GET['pp_agent_type']); $agent_id = (int) $_GET['pp_agent_id']; $for_type = pp_sanitize_csv($_GET['pp_for_type']); $operation = isset($_GET['pp_operation']) ? pp_sanitize_key($_GET['pp_operation']) : ''; $via_type = isset($_GET['pp_via_type']) ? pp_sanitize_key($_GET['pp_via_type']) : ''; $mod_type = isset($_GET['pp_mod_type']) ? pp_sanitize_key($_GET['pp_mod_type']) : ''; $item_id = isset($_GET['pp_item_id']) ? (int) $_GET['pp_item_id'] : 0; if ('(all)' == $for_type) { $for_src_name = 'post'; $via_src_name = 'term'; $for_type = ''; } else { //$for_src_name = ( ! $for_type || post_type_exists( $for_type ) ) ? 'post' : 'term'; if (!$for_type || post_type_exists($for_type)) { $for_src_name = 'post'; } elseif (taxonomy_exists($for_type)) { $for_src_name = 'term'; } else { $for_src_name = $for_type; } //$via_src_name = post_type_exists( $via_type ) ? 'post' : 'term'; if (post_type_exists($via_type)) { $via_src_name = 'post';
function _pp_default_admin_options($options) { $options['support_data'] = array_fill_keys(array('pp_options', 'wp_roles_types', 'theme', 'active_plugins', 'pp_permissions', 'pp_group_members', 'error_log', 'post_data', 'term_data'), true); return $options; } // make sure empty terms are included in quick search results in "Add Supplemental Roles" term selection metaboxes if (pp_is_ajax('menu-quick-search')) { function _term_select_include_empty($args, $taxonomies) { $args['hide_empty'] = 0; return $args; } add_filter('get_terms_args', '_term_select_include_empty', 50, 2); } elseif (pp_is_ajax('pp-menu-quick-search')) { require_once dirname(__FILE__) . '/includes/item-menu_pp.php'; add_action('wp_ajax_' . pp_sanitize_key($_REQUEST['action']), '_pp_ajax_menu_quick_search', 1); } function pp_is_ajax($action) { return defined('DOING_AJAX') && DOING_AJAX && !empty($_REQUEST['action']) && in_array($_REQUEST['action'], (array) $action); } function pp_admin_init() { global $cap_interceptor_admin; require_once dirname(__FILE__) . '/cap-interceptor-admin_pp.php'; $cap_interceptor_admin = new PP_CapInterceptorAdmin(); if (!empty($_POST) || !empty($_REQUEST['action']) || !empty($_REQUEST['action2']) || !empty($_REQUEST['pp_action'])) { require_once dirname(__FILE__) . '/admin-handlers_pp.php'; } // TODO: standardize ajax implementation //if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) {
<?php if (!defined('ABSPATH')) { exit; } // Exit if accessed directly if (empty($_GET['pp_src_name']) || empty($_GET['pp_object_type'])) { exit; } if (!pp_bulk_roles_enabled()) { exit; } $for_item_source = pp_sanitize_key($_GET['pp_src_name']); $for_item_type = pp_sanitize_key($_GET['pp_object_type']); $role_name = isset($_GET['pp_role_name']) ? pp_sanitize_csv($_GET['pp_role_name']) : ''; if ($force_vars = apply_filters('pp_ajax_role_ui_vars', array(), compact('for_item_source', 'for_item_type', 'role_name'))) { extract($force_vars); } $html = ''; switch ($_GET['pp_ajax_ui']) { case 'get_role_options': if (!is_user_logged_in()) { echo '<option>' . __('(login timed out)', 'pp') . '</option>'; exit; } global $pp_admin, $wp_roles, $pp_role_defs; //$is_tx_management = ( 'term' == $for_item_source ); if ($roles = _pp_get_type_roles($for_item_source, $for_item_type)) { foreach ($roles as $_role_name => $role_title) { if (pp_user_can_admin_role($_role_name, $for_item_type)) { $selected = $_role_name == $role_name ? "selected='selected'" : '';
/** * Displays a metabox for a taxonomy menu item. * * @param string $object Not used. * @param string $taxonomy The taxonomy object. */ function pp_nav_menu_item_taxonomy_meta_box($object, $taxonomy) { global $nav_menu_selected_id; $taxonomy_name = $taxonomy['args']->name; // paginate browsing for large numbers of objects $per_page = 50; $pagenum = isset($_REQUEST[$taxonomy_name . '-tab']) && isset($_REQUEST['paged']) ? absint($_REQUEST['paged']) : 1; $offset = 0 < $pagenum ? $per_page * ($pagenum - 1) : 0; $args = array('child_of' => 0, 'exclude' => '', 'hide_empty' => false, 'hierarchical' => 1, 'include' => '', 'number' => $per_page, 'offset' => $offset, 'order' => 'ASC', 'orderby' => 'name', 'pad_counts' => false); $terms = get_terms($taxonomy_name, $args); // kevinB: add "(none)" item for include exceptions $none_obj = (object) array('term_taxonomy_id' => 0, 'parent' => 0, 'term_id' => 0, 'name' => __('(none)', 'pp'), 'object_id' => 0, 'title' => __('(none)', 'pp'), 'menu_item_parent' => 0, 'db_id' => 0); $none_obj->_add_to_top = true; $none_obj->label = __('(none)', 'pp'); array_unshift($terms, $none_obj); if (!$terms || is_wp_error($terms)) { echo '<p>' . __('No items.') . '</p>'; return; } $num_pages = ceil(wp_count_terms($taxonomy_name, array_merge($args, array('number' => '', 'offset' => ''))) / $per_page); $page_links = paginate_links(array('base' => add_query_arg(array($taxonomy_name . '-tab' => 'all', 'paged' => '%#%', 'item-type' => 'taxonomy', 'item-object' => $taxonomy_name)), 'format' => '', 'prev_text' => __('«'), 'next_text' => __('»'), 'total' => $num_pages, 'current' => $pagenum)); $db_fields = false; if (is_taxonomy_hierarchical($taxonomy_name)) { $db_fields = array('parent' => 'parent', 'id' => 'term_id'); } $walker = new PP_Walker_Nav_Menu_Checklist($db_fields); $current_tab = 'most-used'; if (isset($_REQUEST[$taxonomy_name . '-tab']) && in_array($_REQUEST[$taxonomy_name . '-tab'], array('all', 'most-used', 'search'))) { $current_tab = pp_sanitize_key($_REQUEST[$taxonomy_name . '-tab']); } if (!empty($_REQUEST['quick-search-taxonomy-' . $taxonomy_name])) { $current_tab = 'search'; } $removed_args = array('action', 'customlink-tab', 'edit-menu-item', 'menu-item', 'page-tab', '_wpnonce'); ?> <div id="taxonomy-<?php echo $taxonomy_name; ?> " class="taxonomydiv"> <ul id="taxonomy-<?php echo $taxonomy_name; ?> -tabs" class="taxonomy-tabs add-menu-item-tabs"> <li <?php echo 'most-used' == $current_tab ? ' class="tabs"' : ''; ?> ><a class="nav-tab-link" href="<?php if ($nav_menu_selected_id) { echo esc_url(add_query_arg($taxonomy_name . '-tab', 'most-used', remove_query_arg($removed_args))); } ?> #tabs-panel-<?php echo $taxonomy_name; ?> -pop"><?php _e('Most Used'); ?> </a></li> <li <?php echo 'all' == $current_tab ? ' class="tabs"' : ''; ?> ><a class="nav-tab-link" href="<?php if ($nav_menu_selected_id) { echo esc_url(add_query_arg($taxonomy_name . '-tab', 'all', remove_query_arg($removed_args))); } ?> #tabs-panel-<?php echo $taxonomy_name; ?> -all"><?php _e('View All'); ?> </a></li> <li <?php echo 'search' == $current_tab ? ' class="tabs"' : ''; ?> ><a class="nav-tab-link" href="<?php if ($nav_menu_selected_id) { echo esc_url(add_query_arg($taxonomy_name . '-tab', 'search', remove_query_arg($removed_args))); } ?> #tabs-panel-search-taxonomy-<?php echo $taxonomy_name; ?> "><?php _e('Search'); ?> </a></li> </ul> <div id="tabs-panel-<?php echo $taxonomy_name; ?> -pop" class="tabs-panel <?php echo 'most-used' == $current_tab ? 'tabs-panel-active' : 'tabs-panel-inactive'; ?> "> <ul id="<?php echo $taxonomy_name; ?> checklist-pop" class="categorychecklist form-no-clear" > <?php $popular_terms = get_terms($taxonomy_name, array('orderby' => 'count', 'order' => 'DESC', 'number' => 10, 'hierarchical' => false)); $args['walker'] = $walker; echo walk_nav_menu_tree(array_map('wp_setup_nav_menu_item', $popular_terms), 0, (object) $args); ?> </ul> </div><!-- /.tabs-panel --> <div id="tabs-panel-<?php echo $taxonomy_name; ?> -all" class="tabs-panel tabs-panel-view-all <?php echo 'all' == $current_tab ? 'tabs-panel-active' : 'tabs-panel-inactive'; ?> "> <?php if (!empty($page_links)) { ?> <div class="add-menu-item-pagelinks"> <?php echo $page_links; ?> </div> <?php } ?> <ul id="<?php echo $taxonomy_name; ?> checklist" class="list:<?php echo $taxonomy_name; ?> categorychecklist form-no-clear"> <?php $args['walker'] = $walker; echo walk_nav_menu_tree(array_map('wp_setup_nav_menu_item', $terms), 0, (object) $args); ?> </ul> <?php if (!empty($page_links)) { ?> <div class="add-menu-item-pagelinks"> <?php echo $page_links; ?> </div> <?php } ?> </div><!-- /.tabs-panel --> <div class="tabs-panel <?php echo 'search' == $current_tab ? 'tabs-panel-active' : 'tabs-panel-inactive'; ?> " id="tabs-panel-search-taxonomy-<?php echo $taxonomy_name; ?> "> <?php if (isset($_REQUEST['quick-search-taxonomy-' . $taxonomy_name])) { $searched = esc_attr($_REQUEST['quick-search-taxonomy-' . $taxonomy_name]); $search_results = get_terms($taxonomy_name, array('name__like' => $searched, 'fields' => 'all', 'orderby' => 'count', 'order' => 'DESC', 'hierarchical' => false)); } else { $searched = ''; $search_results = array(); } ?> <p class="quick-search-wrap"> <input type="search" class="pp-quick-search input-with-default-title" title="<?php esc_attr_e('Search'); ?> " value="<?php echo $searched; ?> " name="quick-search-taxonomy-<?php echo $taxonomy_name; ?> " /> <img class="waiting" style="display:none" src="<?php echo esc_url(admin_url('images/wpspin_light.gif')); ?> " alt="" /> <?php submit_button(__('Search'), 'quick-search-submit button-secondary hide-if-js', 'submit', false, array('id' => 'submit-quick-search-taxonomy-' . $taxonomy_name)); ?> </p> <ul id="<?php echo $taxonomy_name; ?> -search-checklist" class="list:<?php echo $taxonomy_name; ?> categorychecklist form-no-clear"> <?php if (!empty($search_results) && !is_wp_error($search_results)) { ?> <?php $args['walker'] = $walker; echo walk_nav_menu_tree(array_map('wp_setup_nav_menu_item', $search_results), 0, (object) $args); ?> <?php } elseif (is_wp_error($search_results)) { ?> <li><?php echo $search_results->get_error_message(); ?> </li> <?php } elseif (!empty($searched)) { ?> <li><?php _e('No results found.'); ?> </li> <?php } ?> </ul> </div><!-- /.tabs-panel --> <p class="button-controls"> <span class="list-controls"> <a href="<?php echo esc_url(add_query_arg(array($taxonomy_name . '-tab' => 'all', 'selectall' => 1), remove_query_arg($removed_args))); ?> #taxonomy-<?php echo $taxonomy_name; ?> " class="select-all"><?php _e('Select All'); ?> </a> </span> <span class="add-to-menu"> <img class="waiting" style="display:none" src="<?php echo esc_url(admin_url('images/wpspin_light.gif')); ?> " alt="" /> <input type="submit"<?php disabled($nav_menu_selected_id, 0); ?> class="button-secondary submit-add-item-exception" value="<?php esc_attr_e('Add Exceptions', 'pp'); ?> " name="add-taxonomy-menu-item" id="submit-taxonomy-<?php echo $taxonomy_name; ?> " /> </span> </p> </div><!-- /.taxonomydiv --> <?php }
exit; } if (!($arr_sfx = explode(':', pp_sanitize_csv($_GET['id_sfx'])))) { return ''; } $op = $arr_sfx[0]; $for_item_type = $arr_sfx[1]; $agent_type = $arr_sfx[2]; $item_id = $_GET['item_id']; $for_item_source = taxonomy_exists($for_item_type) ? 'term' : 'post'; $agent_ids = explode(',', pp_sanitize_csv($_GET['agent_ids'])); echo "<!--ppSfx-->{$op}|{$for_item_type}|{$agent_type}<--ppSfx-->" . "<!--ppResponse-->"; require_once dirname(__FILE__) . '/item-exceptions-data_pp.php'; $exc_data = new PP_ItemExceptionsData(); $args = array('post_types' => (array) $for_item_type, 'agent_type' => $agent_type, 'operations' => $op, 'agent_id' => $agent_ids); $exc_data->load_exceptions(pp_sanitize_key($_GET['via_item_source']), $for_item_source, pp_sanitize_key($_GET['via_item_type']), $item_id, $args); require_once dirname(__FILE__) . '/item-exceptions-render-ui_pp.php'; $exc_render = new PP_ItemExceptionsRenderUI(); $echo = false; $reqd_caps = false; $hierarchical = 'term' == $_GET['via_item_source'] ? is_taxonomy_hierarchical($_GET['via_item_type']) : is_post_type_hierarchical($_GET['via_item_type']); $hierarchical = apply_filters('pp_do_assign_for_children_ui', $hierarchical, $_GET['via_item_type'], $args); $default_select = true; $exc_render->set_options($agent_type); foreach ($agent_ids as $agent_id) { if (!$agent_id) { continue; } $exc_render->draw_row($agent_type, $agent_id, array(), $exc_data->inclusions_active, $exc_data->agent_info[$agent_type][$agent_id], compact('echo', 'default_select', 'for_item_type', 'op', 'reqd_caps', 'hierarchical')); } echo "<--ppResponse-->";
_pp_edit_agent_exceptions($agent_id, $agent_type); } // cludged update of group members on role selection, due to inability to put them in the same form if (pp_group_type_editable($agent_type) && pp_has_group_cap('pp_edit_groups', $agent_id, $agent_type)) { _pp_trigger_group_edit($agent_id, $agent_type); } global $current_user; update_user_option($current_user->ID, 'pp-permissions-tab', 'pp-add-exceptions'); $redirect = "{$url}?page=pp-edit-permissions&agent_id={$agent_id}&agent_type={$agent_type}&updated=1&pp_exc=1"; break; case 'creategroup': if (!current_user_can('pp_create_groups')) { wp_die(__('You are not permitted to do that.', 'pp')); } check_admin_referer('pp-create-group', '_wpnonce_pp-create-group'); $agent_type = isset($_REQUEST['agent_type']) ? pp_sanitize_key($_REQUEST['agent_type']) : ''; if (!($agent_type = apply_filters('pp_query_group_type', $agent_type))) { $agent_type = 'pp_group'; } $retval = _pp_add_group($agent_type); if (!is_wp_error($retval)) { if (current_user_can('pp_assign_roles') && pp_bulk_roles_enabled()) { _pp_edit_group_roles($retval, $agent_type); } $type_arg = 'pp_group' == $agent_type ? '' : "&agent_type={$agent_type}"; $redirect = "{$url}?page=pp-edit-permissions&action=edit&agent_id={$retval}{$type_arg}&created=1"; } break; } // end switch if (!empty($retval) && is_wp_error($retval)) {
<?php /** * Edit user administration panel. * * @package WordPress * @subpackage Administration */ if (!defined('ABSPATH')) { exit; } // Exit if accessed directly require_once dirname(__FILE__) . '/permissions-ui_pp.php'; $agent_type = !empty($_REQUEST['agent_type']) ? pp_sanitize_key($_REQUEST['agent_type']) : 'pp_group'; if (empty($_REQUEST['agent_id'])) { $agent_id = 0; $agent = (object) array('metagroup_type' => ''); if ('user' != $agent_type) { wp_die(__('No user/group specified.', 'pp')); } } else { $agent_id = (int) $_REQUEST['agent_id']; $agent = pp_get_agent($agent_id, $agent_type); } $metagroup_type = !empty($agent->metagroup_type) ? $agent->metagroup_type : ''; if ('user' == $agent_type) { if (!current_user_can('pp_administer_content') || !current_user_can('list_users')) { wp_die(__('You are not permitted to do that.', 'pp')); } if ($agent_id && empty($agent->ID)) { wp_die(__('Invalid user ID.', 'pp'));
public static function get_roles($agent_type, $agent_id, $args = array()) { global $wpdb; $defaults = array('post_types' => true, 'taxonomies' => true, 'query_agent_ids' => false, 'force_refresh' => false); $args = array_merge($defaults, $args); extract($args, EXTR_SKIP); $roles = array(); $agent_type = pp_sanitize_key($agent_type); /* TODO: filter roles based on enabled types, taxonomies if ( ! is_array($post_types) ) $post_types = pp_get_enabled_post_types( array(), 'object' ); if ( ! is_array($taxonomies) ) $taxonomies = pp_get_enabled_taxonomies( array(), 'object' ); */ if ($query_agent_ids) { static $agent_roles; static $last_query_key; if (!isset($agent_roles)) { $agent_roles = array(); $last_query_agent_ids = false; } $query_key = serialize($query_agent_ids) . $agent_type; } else { $agent_roles = array(); $query_agent_ids = (array) $agent_id; $query_key = false; } if (!isset($agent_roles[$agent_id]) || $last_query_key !== $query_key) { foreach ($query_agent_ids as $_id) { $agent_roles[$_id] = array(); } $results = $wpdb->get_results("SELECT assignment_id, role_name, agent_id FROM {$wpdb->ppc_roles} WHERE agent_type = '{$agent_type}' AND agent_id IN ('" . implode("','", array_map('intval', $query_agent_ids)) . "') ORDER BY role_name"); $no_ext = !defined('PPCE_VERSION') && !defined('PPS_VERSION'); $no_custom_stati = !defined('PPS_VERSION'); foreach ($results as $row) { // roles for these post statuses will not be applied if corresponding extensions are inactive, so do not indicate in users/groups listing or profile if ($no_ext && strpos($row->role_name, ':post_status:') && !strpos($row->role_name, ':post_status:private')) { continue; } elseif ($no_custom_stati && strpos($row->role_name, ':post_status:') && !strpos($row->role_name, ':post_status:private') && !strpos($row->role_name, ':post_status:draft')) { continue; } $agent_roles[$row->agent_id][$row->role_name] = $row->assignment_id; } $last_query_key = $query_key; } return isset($agent_roles[$agent_id]) ? $agent_roles[$agent_id] : array(); }
if (!defined('ABSPATH')) { exit; } // Exit if accessed directly require_once ABSPATH . '/wp-admin/includes/user.php'; require_once dirname(__FILE__) . '/admin-api_pp.php'; if (!isset($_GET['pp_agent_search'])) { return; } $orig_search_str = $_GET['pp_agent_search']; $search_str = sanitize_text_field($_GET['pp_agent_search']); $agent_type = pp_sanitize_key($_GET['pp_agent_type']); $agent_id = (int) $_GET['pp_agent_id']; $topic = sanitize_text_field(str_replace('\\\\:', ',', $_GET['pp_topic'])); $omit_admins = (bool) $_GET['pp_omit_admins']; $context = isset($_GET['pp_context']) ? pp_sanitize_key($_GET['pp_context']) : ''; if (strpos($topic, ',')) { $arr_topic = explode(',', $topic); if (isset($arr_topic[1])) { if (taxonomy_exists($context)) { $verified = true; $ops = _pp_can_set_exceptions($arr_topic[0], $arr_topic[1], array('via_item_source' => 'term', 'via_item_type' => $context, 'for_item_source' => 'post')) ? array('read' => true) : array(); $operations = apply_filters('pp_item_edit_exception_ops', $ops, 'post', $context, $arr_topic[1]); if (!in_array($arr_topic[0], $operations)) { die(-1); } } elseif (post_type_exists($arr_topic[1])) { $verified = true; $ops = _pp_can_set_exceptions($arr_topic[0], $arr_topic[1], array('via_item_source' => 'post', 'for_item_source' => 'post')) ? array('read' => true) : array(); $operations = apply_filters('pp_item_edit_exception_ops', $ops, 'post', $arr_topic[1]); if (!in_array($arr_topic[0], $operations)) {
public static function find_post_type($post_id = 0, $return_default = true) { if (defined('DOING_AJAX') && DOING_AJAX) { // todo: separate function to eliminate redundancy with PP_QueryInterceptor::flt_posts_clauses() $ajax_post_types = apply_filters('pp_ajax_post_types', array('ai1ec_doing_ajax' => 'ai1ec_event')); foreach (array_keys($ajax_post_types) as $arg) { if (!empty($_REQUEST[$arg]) || $arg == $_REQUEST['action']) { return $ajax_post_types[$arg]; } } } if ($post_id) { // note: calling function already compared post_id to global $post if ($_post = get_post($post_id)) { $_type = $_post->post_type; //if ( 'revision' == $_type ) // $_type = get_post_field( 'post_type', $_post->post_parent ); } if (!empty($_type)) { return $_type; } } // no post id was passed in, or we couldn't retrieve it for some reason, so check $_REQUEST args global $pagenow, $wp_query; if (!empty($wp_query->queried_object)) { if (isset($wp_query->queried_object->post_type)) { $object_type = $wp_query->queried_object->post_type; } elseif (isset($wp_query->queried_object->name)) { if (post_type_exists($wp_query->queried_object->name)) { // bbPress forums list $object_type = $wp_query->queried_object->name; } } } elseif (in_array($pagenow, array('post-new.php', 'edit.php'))) { $object_type = !empty($_GET['post_type']) ? pp_sanitize_key($_GET['post_type']) : 'post'; } elseif (in_array($pagenow, array('edit-tags.php'))) { $object_type = !empty($_REQUEST['taxonomy']) ? pp_sanitize_key($_REQUEST['taxonomy']) : 'category'; } elseif (in_array($pagenow, array('admin-ajax.php')) && !empty($_REQUEST['taxonomy'])) { $object_type = pp_sanitize_key($_REQUEST['taxonomy']); } elseif (!empty($_POST['post_ID'])) { if ($_post = get_post($_POST['post_ID'])) { $object_type = $_post->post_type; } } elseif (!empty($_GET['post'])) { // post.php if ($_post = get_post($_GET['post'])) { $object_type = $_post->post_type; } } else { global $pp_object_type; if (!empty($pp_object_type)) { $object_type = $pp_object_type; } } if (empty($object_type)) { if ($return_default) { // default to post type return 'post'; } } elseif ('any' != $object_type) { return $object_type; } }