function flt_wp_dropdown_users($wp_output)
 {
     // just filter Post Author dropdown
     if (!strpos($wp_output, "name='post_author_override'")) {
         return $wp_output;
     }
     // this is meant to filter the post author selection
     if (!is_admin()) {
         return $wp_output;
     }
     // if (even after our blogcap tinkering) the author list is already locked due to insufficient blog-wide caps, don't mess
     if (!($pos = strpos($wp_output, '<option'))) {
         return $wp_output;
     }
     if (!strpos($wp_output, '<option', $pos + 1)) {
         return $wp_output;
     }
     global $wpdb, $scoper;
     $last_query = $wpdb->last_query;
     if (!($object_type = cr_find_post_type())) {
         return $wp_output;
     }
     if (!($post_type_obj = get_post_type_object($object_type))) {
         return $wp_output;
     }
     global $current_user;
     $is_ngg_edit = strpos($_SERVER['REQUEST_URI'], 'nggallery-manage-gallery');
     if (!$is_ngg_edit) {
         $src_name = 'post';
         $object_id = scoper_get_object_id('post', $object_type);
         // only modify the default authors list if current user has Editor role for the current post/page
         $have_cap = cr_user_can($post_type_obj->cap->edit_others_posts, $object_id, 0, array('require_full_object_role' => true));
     } else {
         $src_name = 'ngg_gallery';
         $object_id = $_REQUEST['gid'];
         $have_cap = !empty($current_user->allcaps[$post_type_obj->cap->edit_others_posts]);
         // $post_type_obj defaults to 'post' type on NGG Manage Gallery page
     }
     //if ( ! $have_cap )
     //	return $wp_output;
     $orderpos = strpos($last_query, 'ORDER BY');
     $orderby = $orderpos ? substr($last_query, $orderpos) : '';
     if (!strpos($orderby, 'display_name')) {
         // sanity check in case the last_query buffer gets messed up
         $orderby = '';
     }
     $id_in = $id_not_in = $show_option_all = $show_option_none = '';
     $pos = strpos($last_query, 'AND ID IN(');
     if ($pos) {
         $pos_close = strpos($last_query, ')', $pos);
         if ($pos_close) {
             $id_in = substr($last_query, $pos, $pos_close - $pos + 1);
         }
     }
     $pos = strpos($last_query, 'AND ID NOT IN(');
     if ($pos) {
         $pos_close = strpos($last_query, ')', $pos);
         if ($pos_close) {
             $id_not_in = substr($last_query, $pos, $pos_close - $pos + 1);
         }
     }
     $search = "<option value='0'>";
     $pos = strpos($wp_output, $search . __awp('Any'));
     if ($pos) {
         $pos_close = strpos($wp_output, '</option>', $pos);
         if ($pos_close) {
             $show_option_all = substr($wp_output, $pos + strlen($search), $pos_close - $pos - strlen($search));
         }
     }
     $search = "<option value='-1'>";
     $pos = strpos($wp_output, $search . __awp('None'));
     if ($pos) {
         $pos_close = strpos($wp_output, '</option>', $pos);
         if ($pos_close) {
             $show_option_none = substr($wp_output, $pos + strlen($search), $pos_close - $pos - strlen($search));
         }
     }
     $search = "<select name='";
     $pos = strpos($wp_output, $search);
     if (false !== $pos) {
         $pos_close = strpos($wp_output, "'", $pos + strlen($search));
         if ($pos_close) {
             $name = substr($wp_output, $pos + strlen($search), $pos_close - $pos - strlen($search));
         }
     }
     $search = " id='";
     $multi = !strpos($wp_output, $search);
     // beginning with WP 2.7, some users dropdowns lack id attribute
     $search = " class='";
     $pos = strpos($wp_output, $search);
     if ($pos) {
         $pos_close = strpos($wp_output, "'", $pos + strlen($search));
         if ($pos_close) {
             $class = substr($wp_output, $pos + strlen($search), $pos_close - $pos - strlen($search));
         }
     }
     $search = " selected='selected'";
     $pos = strpos($wp_output, $search);
     if ($pos) {
         $search = "<option value='";
         $str_left = substr($wp_output, 0, $pos);
         $pos = strrpos($str_left, $search);
         //back up to previous option tag
         $pos_close = strpos($wp_output, "'", $pos + strlen($search));
         if ($pos_close) {
             $selected = substr($wp_output, $pos + strlen($search), $pos_close - ($pos + strlen($search)));
         }
     }
     if (empty($selected)) {
         $selected = $current_user->ID;
     }
     // precaution prevents default-selection of non-current user
     // Role Scoper filter application
     $where = "{$id_in} {$id_not_in}";
     $args = array();
     $args['where'] = $where;
     $args['orderby'] = $orderby;
     if ($object_id > 0) {
         if ($current_author = $scoper->data_sources->get_from_db('owner', $src_name, $object_id)) {
             $force_user_id = $current_author;
         }
     } else {
         $force_user_id = $current_user->ID;
     }
     if ($have_cap) {
         if ($force_user_id) {
             $args['preserve_or_clause'] = " uro.user_id = '{$force_user_id}'";
         }
         $users = $scoper->users_who_can($post_type_obj->cap->edit_posts, COLS_ID_DISPLAYNAME_RS, 'post', $object_id, $args);
     } else {
         $display_name = $wpdb->get_var("SELECT display_name FROM {$wpdb->users} WHERE ID = '{$force_user_id}'");
         $users = array((object) array('ID' => $force_user_id, 'display_name' => $display_name));
     }
     if (empty($users)) {
         // sanity check: users_who_can should always return Administrators
         if ($admin_roles = awp_administrator_roles()) {
             $users = scoper_get_results("SELECT DISTINCT ID, display_name FROM {$wpdb->users} INNER JOIN {$wpdb->user2role2object_rs} AS uro ON uro.user_id = {$wpdb->users}.ID AND uro.scope = 'blog' AND uro.role_type = 'wp' AND uro.role_name IN ('" . implode("','", $admin_roles) . "')");
         } else {
             return $wp_output;
         }
         // the user data must be messed up
     }
     $show = 'display_name';
     // no way to back this out
     // ----------- begin wp_dropdown_users code copy (from WP 2.7) -------------
     $id = $multi ? "" : "id='{$name}'";
     $output = "<select name='{$name}' {$id} class='{$class}'>\n";
     if ($show_option_all) {
         $output .= "\t<option value='0'>{$show_option_all}</option>\n";
     }
     if ($show_option_none) {
         $output .= "\t<option value='-1'>{$show_option_none}</option>\n";
     }
     foreach ((array) $users as $user) {
         $user->ID = (int) $user->ID;
         $_selected = $user->ID == $selected ? " selected='selected'" : '';
         $display = !empty($user->{$show}) ? $user->{$show} : '(' . $user->user_login . ')';
         $output .= "\t<option value='{$user->ID}'{$_selected}>" . esc_html($display) . "</option>\n";
     }
     $output .= "</select>";
     // ----------- end wp_dropdown_users code copy (from WP 2.7) -------------
     return $output;
 }
 function users_queryroles($reqd_caps, $src_name, $object_id = '', $args = array())
 {
     $defaults = array('roles' => '', 'user' => '', 'querying_groups' => 0, 'use_term_roles' => 1, 'use_blog_roles' => 1, 'skip_object_roles' => false, 'ignore_strict_terms' => 0, 'object_terms' => array(), 'object_type' => '', 'objscope_roles' => '', 'any_object' => false);
     $args = array_merge($defaults, (array) $args);
     extract($args);
     $src = $this->scoper->data_sources->get($src_name);
     // ---- The following default argument generation is included to support potential direct usage of this function
     //								(not needed for flt_users_where call -----------------
     // Treat empty reqd_caps array as an error
     if (empty($reqd_caps)) {
         return array();
     }
     $reqd_caps = (array) $reqd_caps;
     // Calling function may save us a little work if it has already made this call
     if (!$roles) {
         if (!($roles = $this->scoper->role_defs->qualify_roles($reqd_caps))) {
             return array();
         }
     } else {
         $roles = (array) $roles;
     }
     // this set of reqd_caps cannot be satisfied by any role
     if (!$reqd_caps && !$roles) {
         return;
     }
     if ($object_id && !$src_name) {
         $object_id = 0;
     }
     // -----------------------------------------------------------------------------------
     // Default to not honoring custom user caps, but support option
     $custom_user_blogcaps = SCOPER_CUSTOM_USER_BLOGCAPS;
     if (!$object_type) {
         if ($object_types = $this->scoper->cap_defs->object_types_from_caps($reqd_caps, $src_name)) {
             if (count($object_types) == 1) {
                 $object_type = reset($object_types);
             }
         }
         if (!$object_type) {
             $object_type = cr_find_object_type($src_name, $object_id);
         }
     }
     // RS roles are object type-specific
     $roles_wp = $this->scoper->role_defs->filter($roles, array('role_type' => 'wp'));
     $roles_rs = $this->scoper->role_defs->filter($roles, array('role_type' => 'rs'));
     $this_otype_roles = $this->scoper->role_defs->get_matching('rs', $src_name, $object_type);
     $roles_rs = array_intersect_key($roles_rs, $this_otype_roles);
     $roles = array_merge($roles_rs, $roles_wp);
     $qualifying_roles = array();
     // --------- ACCOUNT FOR OBJECT ROLES -----------
     // If this set of reqd_caps can be satisfied by a scopable role, check for object role assignements
     if (!$skip_object_roles && ($object_id || $any_object)) {
         // exclude roles which have never been assigned to any object
         if ($object_roles = $this->scoper->qualify_object_roles($reqd_caps, $object_type, -1)) {
             $qualifying_roles[OBJECT_SCOPE_RS][''] = scoper_role_handles_to_names(array_keys($roles));
         }
     }
     // If this inquiry is for a particular object, find out which roles must be object-assigned for it
     if ($object_id) {
         // For term and blog role clauses, exclude roles which require object assignment for that object
         // But don't disqualify a role if any of the roles it "contains" also qualify and are not object-scoped.
         // (i.e. If the required caps are satisfied by admin, editor and contributor, the actual minimum requirement
         // is contributor.  A specification that admin and editor roles "require object assignment" does not apply
         // in this scenario.
         if (!is_array($objscope_roles)) {
             $objscope_roles = $this->get_objscope_roles($src_name, $object_id, '', true);
         }
         if ($objscope_roles) {
             $contained_roles = array();
             $roles_wp = $this->scoper->role_defs->filter($roles, array('role_type' => 'wp'));
             foreach (array_keys($roles_wp) as $role_handle) {
                 // If scoping with RS roles, this will also have the effect of disqualifying a WP blog role if all of the qualifying RS roles it contains are objscoped.
                 $contained_roles[$role_handle] = $this->scoper->role_defs->get_contained_roles($role_handle, false, 'rs');
                 $contained_roles[$role_handle] = array_intersect_key($contained_roles[$role_handle], $roles);
                 if (!array_diff_key($contained_roles[$role_handle], $objscope_roles)) {
                     unset($roles[$role_handle]);
                 }
             }
             foreach (array_keys($roles) as $role_handle) {
                 $contained_roles[$role_handle] = $this->scoper->role_defs->get_contained_roles($role_handle, true, 'rs');
                 //true: include this role in return array
                 $contained_roles[$role_handle] = array_intersect_key($contained_roles[$role_handle], $roles);
                 if (!array_diff_key($contained_roles[$role_handle], $objscope_roles)) {
                     unset($roles[$role_handle]);
                 }
             }
         }
     }
     // --------- ACCOUNT FOR TERM ROLES -----------
     // Consider term scope settings and role assignments
     //
     $uses_taxonomies = scoper_get_taxonomy_usage($src_name, $object_type);
     if ($use_term_roles && $src_name && $roles && !empty($uses_taxonomies)) {
         // If scoping with RS roles, strip out WP role definitions (which were included for blogrole clause)
         $term_roles = $this->scoper->role_defs->filter($roles, array('role_type' => 'rs'));
         if ($term_roles) {
             foreach ($uses_taxonomies as $taxonomy) {
                 // include users with a sufficient term role assignment in any term
                 $qualifying_roles[TERM_SCOPE_RS][$taxonomy] = scoper_role_handles_to_names(array_keys($term_roles));
             }
         }
         // Honor blog-wide assignment of any non-objscope role, but only if at least one term
         // is not "strict" (i.e. merges blogroles into term-specific assignments).
         if (!$ignore_strict_terms) {
             $term_roles = $this->get_unrestricted_term_roles($term_roles, $uses_taxonomies, $object_id, $object_terms);
             // disqualify a WP blog role if all of the qualifying RS roles it contains were excluded by the strict terms filter.
             if ($roles_wp = $this->scoper->role_defs->filter($roles, array('role_type' => 'wp'))) {
                 $contained_roles = array();
                 foreach (array_keys($roles_wp) as $role_handle) {
                     $contained_roles[$role_handle] = $this->scoper->role_defs->get_contained_roles($role_handle, false, 'rs');
                     $contained_roles[$role_handle] = array_intersect_key($contained_roles[$role_handle], $roles);
                     if (!$term_roles || !$contained_roles[$role_handle] || !array_intersect_key($contained_roles[$role_handle], $term_roles)) {
                         unset($roles[$role_handle]);
                     }
                 }
             }
             $roles_current = $this->scoper->role_defs->filter($roles, array('role_type' => 'rs'));
             foreach (array_keys($roles_current) as $role_handle) {
                 if (!isset($term_roles[$role_handle])) {
                     unset($roles[$role_handle]);
                 }
             }
             // Since this term role is restricted for all terms, prevent corresponding blog role from being added to qualifying_roles array by subsequent code
         }
     }
     // --------- ACCOUNT FOR BLOG ROLES -----------
     // For each qualifying role, recognize blog assignment if the reqd_caps set is not associated
     // with a defined data source, if this source/object type does not use term roles,
     // or if some of the the terms are not strict.
     //
     // Note that WP blogrole assignments (if not taxonomy or object-scoped) are honored
     // regardless of Role Scoper role_type setting.
     if ($use_blog_roles) {
         if ($admin_roles = awp_administrator_roles()) {
             $roles = $roles ? array_merge($roles, $admin_roles) : $admin_roles;
         }
         if ($roles) {
             $role_types = array('rs', 'wp');
             foreach ($role_types as $role_type) {
                 //if ( ('rs' == $role_type) && ! RS_BLOG_ROLES )  // rs_blog_roles option has never been active in any RS release; leave commented here in case need arises
                 //		continue;
                 $this_type_roles = $this->scoper->role_defs->filter($roles, array('role_type' => $role_type));
                 $qualifying_roles[BLOG_SCOPE_RS][$role_type] = scoper_role_handles_to_names(array_keys($this_type_roles));
             }
         }
         if ($custom_user_blogcaps && $use_blog_roles) {
             // If custom user blogcaps option is enabled, this function is called separately for each reqd cap.
             // Custom user caps are stored as "hidden" single-cap role of type WP_CAP, sync'd to WP usermeta storage.
             if ($custom_user_blogcaps) {
                 $qualifying_roles[BLOG_SCOPE_RS]['wp_cap'] = $reqd_caps;
             }
             // ...which contains one cap
         }
     }
     return $qualifying_roles;
 }