/** * @return GravityView_oEmbed * @since 1.6 */ static function getInstance() { if (empty(self::$instance)) { self::$instance = new self(); self::$instance->initialize(); } return self::$instance; }
/** * Check if the user can edit the entry * * - Is the nonce valid? * - Does the user have the right caps for the entry * - Is the entry in the trash? * * @todo Move to GVCommon * * @param boolean $echo Show error messages in the form? * @return boolean True: can edit form. False: nope. */ function user_can_edit_entry($echo = false) { $error = NULL; /** * 1. Permalinks are turned off * 2. There are two entries embedded using oEmbed * 3. One of the entries has just been saved */ if (!empty($_POST['lid']) && !empty($_GET['entry']) && $_POST['lid'] !== $_GET['entry']) { $error = true; } if (!empty($_GET['entry']) && (string) $this->entry['id'] !== $_GET['entry']) { $error = true; } elseif (!$this->verify_nonce()) { /** * If the Entry is embedded, there may be two entries on the same page. * If that's the case, and one is being edited, the other should fail gracefully and not display an error. */ if (GravityView_oEmbed::getInstance()->get_entry_id()) { $error = true; } else { $error = __('The link to edit this entry is not valid; it may have expired.', 'gravityview'); } } if (!GravityView_Edit_Entry::check_user_cap_edit_entry($this->entry)) { $error = __('You do not have permission to edit this entry.', 'gravityview'); } if ($this->entry['status'] === 'trash') { $error = __('You cannot edit the entry; it is in the trash.', 'gravityview'); } // No errors; everything's fine here! if (empty($error)) { return true; } if ($echo && $error !== true) { $error = esc_html($error); /** * @since 1.9 */ if (!empty($this->entry)) { $error .= ' ' . gravityview_get_link('#', _x('Go back.', 'Link shown when invalid Edit Entry link is clicked', 'gravityview'), array('onclick' => "window.history.go(-1); return false;")); } echo GVCommon::generate_notice(wpautop($error), 'gv-error error'); } do_action('gravityview_log_error', 'GravityView_Edit_Entry[user_can_edit_entry]' . $error); return false; }