/** * Nonces exist in the $_POST array using the key named like this: * conroller_name + _nonce. The nonce is always named "ajax_nonce". * WARNING: The response returned by the ajax-controllers *must* be wrapped in * some kind of HTML tag, otherwise you can't use jQuery('#target_id').html(x) * to write it. * * @param string $name of the method being called * @param mixed $args sent to that method */ public function __call($name, $args) { if (!isset($this->controllers[$name])) { CCTM::log(sprintf(__('Invalid Ajax controller: %s', CCTM_TXTDOMAIN), "<em>{$name}</em>"), __FILE__, __LINE__); die(sprintf(__('Invalid Ajax controller: %s', CCTM_TXTDOMAIN), "<em>{$name}</em>")); } $nonce = CCTM::get_value($_REQUEST, $name . '_nonce'); if (!wp_verify_nonce($nonce, 'ajax_nonce')) { CCTM::log(sprintf(__('Invalid nonce for %s', CCTM_TXTDOMAIN), "<em>{$name}</em>"), __FILE__, __LINE__); die(sprintf(__('Invalid nonce for %s', CCTM_TXTDOMAIN), "<em>{$name}</em>")); } include $this->controllers[$name]; exit; }
/** * Save the new Custom Fields values. If the content type is not active in the * CCTM plugin or its custom fields are not being standardized, then this function * effectively does nothing. * * WARNING: This function is also called when the wp_insert_post() is called, and * we don't want to step on its toes. We want this to kick in ONLY when a post * is inserted via the WP manager. * see http://code.google.com/p/wordpress-custom-content-type-manager/issues/detail?id=52 * * @param integer $post_id id of the post these custom fields are associated with * @param object $post the post object */ public static function save_custom_fields($post_id, $post) { // Bail if you're not in the admin editing a post if (!self::_is_existing_post() && !self::_is_new_post()) { return; } // Bail if this post-type is not active in the CCTM if (!isset(CCTM::$data['post_type_defs'][$post->post_type]['is_active']) || CCTM::$data['post_type_defs'][$post->post_type]['is_active'] == 0) { return; } // Bail if there are no custom fields defined in the CCTM if (empty(CCTM::$data['post_type_defs'][$post->post_type]['custom_fields'])) { return; } // See issue http://code.google.com/p/wordpress-custom-content-type-manager/issues/detail?id=80 if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) { return $post_id; } // Use this to ensure you save custom fields only when saving from the edit/create post page $nonce = CCTM::get_value($_POST, '_cctm_nonce'); if (!wp_verify_nonce($nonce, 'cctm_create_update_post')) { return; } if (!empty($_POST)) { $custom_fields = self::_get_custom_fields($post->post_type); $validation_errors = array(); foreach ($custom_fields as $field_name) { if (!isset(CCTM::$data['custom_field_defs'][$field_name]['type'])) { continue; } $field_type = CCTM::$data['custom_field_defs'][$field_name]['type']; if ($FieldObj = CCTM::load_object($field_type, 'fields')) { $FieldObj->set_props(CCTM::$data['custom_field_defs'][$field_name]); $value = $FieldObj->save_post_filter($_POST, $field_name); CCTM::log("Saving field Type: {$field_type} with value: {$value}", __FILE__, __LINE__); // Custom fields can return a literal null if they don't save data to the db. if ($value !== null) { // Check for empty json arrays, e.g. [""], convert them to empty PHP array() $value_copy = $value; if ($FieldObj->is_repeatable) { $value_copy = json_decode(stripslashes($value), true); if (is_array($value_copy)) { foreach ($value_copy as $k => $v) { if (empty($v)) { unset($value_copy[$k]); } } } } // We do some more work to ensure the database stays lean if (is_array($value_copy) && empty($value_copy) && !CCTM::get_setting('save_empty_fields')) { delete_post_meta($post_id, $field_name); } if (!is_array($value_copy) && !strlen(trim($value_copy)) && !CCTM::get_setting('save_empty_fields')) { // Delete the row from wp_postmeta, or don't write it at all delete_post_meta($post_id, $field_name); } else { update_post_meta($post_id, $field_name, $value); } } } else { // error! Can't include the field class. WTF did you do? } } // Pass validation errors like this: fieldname => validator, e.g. myfield => required if (!empty($validation_errors)) { CCTM::log('Validation errors: ' . json_encode($validation_errors), __FILE__, __LINE__); CCTM::set_flash(json_encode($validation_errors)); } } }
/** * Ensures that the front-end search form can find posts or view posts in the RSS * CONFUSED: Looks like only the request_filter handles the RSS stuff... and why is the * $query variable here an object, whereas in the request_filter it's an array? * http://mysite.com/category/my_cat/ does not seem to trigger this filter anymore. * See http://code.google.com/p/wordpress-custom-content-type-manager/issues/detail?id=143 * See also http://code.google.com/p/wordpress-custom-content-type-manager/issues/detail?id=186 * * @param string $query * @return string */ public static function search_filter($query) { // die(print_r($query,true)); // See the following bugs: // http://code.google.com/p/wordpress-custom-content-type-manager/issues/detail?id=349 // http://code.google.com/p/wordpress-custom-content-type-manager/issues/detail?id=366 if ($query->is_feed) { if (!isset($_GET['post_type']) && empty($_GET['post_type']) && !isset($query->query_vars['post_type']) && empty($query->query_vars['post_type'])) { $args = array('exclude_from_search' => false); // array( 'public' => true); $post_types = get_post_types($args); unset($post_types['revision']); unset($post_types['nav_menu_item']); // unset($post_types['page']); // TO-DO: configure this? foreach ($post_types as $pt) { // See http://code.google.com/p/wordpress-custom-content-type-manager/issues/detail?id=412 if ('page' == $pt && self::get_setting('pages_in_rss_feed')) { // Leave pages in. } elseif ($pt == 'post') { // Do nothing. Posts are always included in the RSS feed. } elseif (!isset($pt['include_in_rss']) || !$pt['include_in_rss']) { unset($post_types[$key]); } } // The format of the array of $post_types is array('post' => 'post', 'page' => 'page') $query->set('post_type', $post_types); } } elseif ($query->is_search || $query->is_category) { if (!isset($_GET['post_type']) && empty($_GET['post_type']) && !isset($query->query_vars['post_type']) && empty($query->query_vars['post_type'])) { $post_types = get_post_types(array('exclude_from_search' => false)); // The format of the array of $post_types is array('post' => 'post', 'page' => 'page') $query->set('post_type', $post_types); } } CCTM::log('search_filter ' . print_r($query->get('post_type'), true), __FILE__, __LINE__); return $query; }