/**
* Loads meta boxes for the post editing screen.
*
* @since 0.2.0
*/
function members_admin_load_post_meta_boxes()
{
/* If the content permissions component is active, load its post meta box. */
if (members_get_setting('content_permissions')) {
require_once MEMBERS_ADMIN . 'meta-box-post-content-permissions.php';
}
}
/**
* Blocks feed items if the user has selected the private feed feature.
*
* @since 0.2.0
* @param string $content The post or comment feed content.
* @return string $content Returns either the content or an error message.
*/
function members_private_feed($content)
{
if (members_get_setting('private_feed')) {
$content = members_get_setting('private_feed_error');
}
return $content;
}
/**
* Conditional tag to check if a user can view a specific post. A user cannot view a post if their user role has
* not been selected in the 'Content Permissions' meta box on the edit post screen in the admin. Non-logged in
* site visitors cannot view posts if roles were seletected. If no roles were selected, all users and site visitors
* can view the content.
*
* There are exceptions to this rule though. The post author, any user with the 'restrict_content' capability,
* and users that have the ability to edit the post can always view the post, even if their role was not granted
* permission to view it.
*
* @todo See how feasible it is to just use the normal user_can() NXTClass function to check against a meta
* capability such as 'members_view_post' while hooking into 'map_meta_cap' or 'user_has_cap' to roll custom
* plugin handling for this. This would just be a wrapper tag.
*
* @since 0.2.0
* @param int $user_id The ID of the user to check.
* @param int $post_id The ID of the post to check.
* @return bool True if the user can view the post. False if the user cannot view the post.
*/
function members_can_user_view_post($user_id, $post_id = '')
{
/* If no post ID is given, assume we're in The Loop and get the current post's ID. */
if (empty($post_id)) {
$post_id = get_the_ID();
}
/* Assume the user can view the post at this point. */
$can_view = true;
/**
* The plugin is only going to handle permissions if the 'content permissions' feature is active. If
* not active, the user can always view the post. However, developers can roll their own handling of
* this and filter 'members_can_user_view_post'.
*/
if (members_get_setting('content_permissions')) {
/* Get the roles selected by the user. */
$roles = get_post_meta($post_id, '_members_access_role', false);
/* Check if there are any old roles with the '_role' meta key. */
if (empty($roles)) {
$roles = members_convert_old_post_meta($post_id);
}
/* If we have an array of roles, let's get to work. */
if (!empty($roles) && is_array($roles)) {
/**
* Since specific roles were given, let's assume the user can't view the post at
* this point. The rest of this functionality should try to disprove this.
*/
$can_view = false;
/* Get the post object. */
$post = get_post($post_id);
/* Get the post type object. */
$post_type = get_post_type_object($post->post_type);
/* If viewing a feed or if the user's not logged in, assume it's blocked at this point. */
if (is_feed() || !is_user_logged_in()) {
$can_view = false;
} elseif ($post->post_author == $user_id || user_can($user_id, 'restrict_content') || user_can($user_id, $post_type->cap->edit_post, $post_id)) {
$can_view = true;
} else {
/* Loop through each role and set $can_view to true if the user has one of the roles. */
foreach ($roles as $role) {
if (user_can($user_id, $role)) {
$can_view = true;
}
}
}
}
}
/* Allow developers to overwrite the final return value. */
return apply_filters('members_can_user_view_post', $can_view, $user_id, $post_id);
}
/**
* Registers widgets for the plugin.
*
* @since 0.2.0
*/
function members_register_widgets()
{
/* If the login form widget is enabled. */
if (members_get_setting('login_form_widget')) {
/* Load the login form widget file. */
require_once MEMBERS_INCLUDES . 'widget-login-form.php';
/* Register the login form widget. */
register_widget('Members_Widget_Login');
}
/* If the users widget is enabled. */
if (members_get_setting('users_widget')) {
/* Load the users widget file. */
require_once MEMBERS_INCLUDES . 'widget-users.php';
/* Register the users widget. */
register_widget('Members_Widget_users');
}
}
/**
* Returns the private feed error message.
*
* @since 1.0.0
* @access public
* @return string
*/
function members_get_private_feed_message()
{
return apply_filters('members_feed_error_message', members_get_setting('private_feed_error'));
}
/**
* Conditional check to see if users widget is enabled.
*
* @since 1.0.0
* @access public
* @return bool
*/
function members_users_widget_enabled()
{
return apply_filters('members_users_widget_enabled', members_get_setting('users_widget'));
}
/**
* Private feed error message field callback.
*
* @since 1.0.0
* @access public
* @return void
*/
public function field_private_feed_error()
{
wp_editor(members_get_setting('private_feed_error'), 'members_settings_private_feed_error', array('textarea_name' => 'members_settings[private_feed_error]', 'drag_drop_upload' => true, 'editor_height' => 250));
}
/**
* Displays the private site meta box.
*
* @since 0.2.0
*/
function members_meta_box_display_private_site($object, $box)
{
?>
<p>
<input type="checkbox" name="members_settings[private_blog]" id="members_settings-private_blog" value="1" <?php
checked(1, members_get_setting('private_blog'));
?>
/>
<label for="members_settings-private_blog"><?php
_e('Redirect all logged-out users to the login page before allowing them to view the site.', 'members');
?>
</label>
</p>
<p>
<input type="checkbox" name="members_settings[private_feed]" id="members_settings-private_feed" value="1" <?php
checked(1, members_get_setting('private_feed'));
?>
/>
<label for="members_settings-private_feed"><?php
_e('Show error message for feed items.', 'members');
?>
</label>
</p>
<p>
<label for="members_settings-private_feed_error"><?php
_e('Feed error message:', 'members');
?>
</label>
<textarea name="members_settings[private_feed_error]" id="members_settings-private_feed_error"><?php
echo esc_textarea(members_get_setting('private_feed_error'));
?>
</textarea>
<br />
<label for="members_settings-private_feed_error"><?php
_e('You can use <abbr title="Hypertext Markup Language">HTML</abbr> and/or shortcodes to create a custom error message to display instead of feed item content.', 'members');
?>
</label>
</p>
<?php
}
/**
* Gets the error message to display for users who do not have access to view the given post. The function first
* checks to see if a custom error message has been written for the specific post. If not, it loads the error
* message set on the plugins settings page.
*
* @since 0.2.0
* @param int $post_id The ID of the post to get the error message for.
* @return string $return The error message.
*/
function members_get_post_error_message($post_id)
{
/* Get the error message for the specific post. */
$error_message = get_post_meta($post_id, '_members_access_error', true);
/* If an error message is found, return it. */
if (!empty($error_message)) {
$return = $error_message;
} else {
$return = members_get_setting('content_permissions_error');
}
/* Return the error message. */
return apply_filters('members_post_error_message', $return);
}
/**
* Gets the error message to display for users who do not have access to view the given post.
* The function first checks to see if a custom error message has been written for the
* specific post. If not, it loads the error message set on the plugins settings page.
*
* @since 0.2.0
* @access public
* @param int $post_id
* @return string
*/
function members_get_post_error_message($post_id)
{
// Get the error message for the specific post.
$message = members_get_post_access_message($post_id);
// Use default error message if we don't have one for the post.
if (!$message) {
$message = members_get_setting('content_permissions_error');
}
// Return the error message.
return apply_filters('members_post_error_message', sprintf('<div class="members-access-error">%s</div>', $message));
}