Skip to content

Instantly share code, notes, and snippets.

@solepixel
Last active December 16, 2015 08:39
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save solepixel/5407209 to your computer and use it in GitHub Desktop.
PHP warnings fix
<?php
// ...
/* Line 418 */
public static function render_sidebar_attached_groups($security=null,$cur_page_id=null){
if(is_numeric($security) || is_string($security)){
//Get array with security requirements for this page
$security = CTXPS_Security::get_post_protection( $security, false );
}
//Default vars
$return = '';
$termGroups = array();
//If $cur_page_id isn't set, try to get the value from the querystring
if(empty($cur_page_id)){
if (!empty($_REQUEST['post_id'])){
$cur_page_id = $_REQUEST['post_id'];
}
else if(!empty($_REQUEST['post'])){
$cur_page_id = $_REQUEST['post'];
}
else if (!empty($_REQUEST['postid'])){
$cur_page_id = $_REQUEST['postid'];
}
}
//Fetch term groups, if we have a page id
if(!empty($cur_page_id))
$termGroups = CTXPS_Queries::get_groups_by_post_terms($cur_page_id,true);
//Count the number of term groups
$groupcount = count($termGroups);
//Count the number of groups directly attached to this page (including inherited groups)
if(!empty($security)){
foreach($security as $securityGroups){
$groupcount += count($securityGroups);
}
}
//Show groups that are already added to this page
if($groupcount===0){
//Display this if we have no groups (inherited or otherwise)
$return .= '<div><em>'.__('No groups have been added yet.','contexture-page-security').'</em></div>';
}else{
if(!empty($security)){
foreach($security as $pageid => $grouparray){
//If this is the current page (and not an ancestor)
if($pageid == $cur_page_id){
foreach($grouparray as $currentGroup_id => $currentGroup_name){
$return .= '<div class="ctx-ps-sidebar-group">&bull; <span class="ctx-ps-sidebar-group-title">'.$currentGroup_name.'</span> <a style="text-decoration:none;" href="'
.admin_url('/users.php?page=ps_groups_edit&groupid='.$currentGroup_id).'">&raquo;</a><span class="removegrp" onclick="CTXPS_Ajax.removeGroupFromPage('.$currentGroup_id.',jQuery(this))" title="'
.__('Click to remove group access.','contexture-page-security').'" >'
.__('remove','contexture-page-security').'</span></div>';
}
}else{
foreach($grouparray as $currentGroup_id => $currentGroup_name){
$return .= '<div class="ctx-ps-sidebar-group inherited">&bull; <span class="ctx-ps-sidebar-group-title">'
.$currentGroup_name.'</span> <a style="text-decoration:none;" href="'
.admin_url('/users.php?page=ps_groups_edit&groupid='
.$currentGroup_id).'">&raquo;</a><a class="viewgrp" target="_blank" href="'
.admin_url('post.php?post='.$pageid.'&action=edit').'" title="'
.__('Protection has been inherited from an ancestor. Click to view ancestor.','contexture-page-security').'">'
.__('ancestor','contexture-page-security')
.'</a></div>';
}//foreach
}//else
}//foreach
}//if
//Show terms that are already added to this list
foreach($termGroups as $tgroup){
//Get the term archive URL. If one doesnt exist, dont link
$term_archive_link = admin_url(sprintf('/edit-tags.php?action=edit&taxonomy=%s&tag_ID=%s',$tgroup['taxonomy'],$tgroup['term_id']));
//Build the link HTML for terms
$return .= '<div class="ctx-ps-sidebar-group inherited">&bull; <span class="ctx-ps-sidebar-group-title">'
.$tgroup['group_title']
.'</span> <a style="text-decoration:none;" href="'.$term_archive_link.'">&raquo;</a><a class="viewgrp" target="_blank" href="'.$term_archive_link.'" title="'.__('Protection has been inherited from a term. Click to view term.','contexture-page-security').'">'
.__('term','contexture-page-security')
.'</a></div>';
}
}
return $return;
}
// ...
<?php
// ...
/* Line 91 */
public static function filter_loops($content){
global $current_user;
//Get plugin options
$dbOpts = get_option('contexture_ps_options');
if(is_feed() && $dbOpts['ad_msg_usefilter_rss']=='false'){
//If this is a feed and it's filtering is explicitly disabled, do no filtering. Otherwise... filter as normal (below)
return $content;
}else{
//Do this only if user is not an admin, or if this is the blog page, category page, tag page, or feed (and isnt an admin page)
if( !current_user_can('edit_others_posts') && ( is_home() || is_category() || is_tag() || is_tax() || is_feed() || is_author() || is_search() || is_archive() ) && !is_admin()) {
foreach($content as $key => $value){
/**Groups that this user is a member of*/
$useraccess = CTXPS_Queries::get_user_groups($current_user->ID);
/**Groups required to access this post*/
$pagereqs = self::get_post_protection($value->ID);
/**Term groups required to access this post - default is false (no protection) */
$termreqs = false;
// //First, check if the post has any protected terms
// if(CTXPS_Queries::check_post_term_protection($value->ID)){
// //If the term-branch is protected, get an array of groups
// $termreqs = CTXPS_Queries::get_groups_by_post_terms($value->ID);
// }
//If necessary, validate group membership for page
if($pagereqs !== false && is_array($pagereqs)){
$secureallowed = self::check_access($useraccess,$pagereqs);
//NOT ALLOWED TO ACCESS!!
if(!$secureallowed){
//If we're NOT allowed to access this page
unset($content[$key]);
}
}
// //If necessary, validate group membership for page's terms
// if($termreqs !== false && is_array($termreqs)){
//
// //Determine if user can access this content
// $termallowed = CTXPS_Security::check_access($useraccess,$termreqs);
//
// //NOT ALLOWED TO ACCESS!
// if(!$termallowed){
// unset($content[$key]);
// }
// }//End if
}//End foreach
}//End appropriate section check
}
//Adjust top-level array key numbers to be concurrent (since a gap between numbers can cause wp to freak out)
$content = array_merge($content,array());
return $content;
}
// ...
/* line 160 */
public static function filter_auto_menus($content){
global $current_user;
$dbOpts = get_option('contexture_ps_options');//ad_msg_usefilter_menus
//Do this filtering only if the user isn't an admin (and isn't in admin section)... and provided the user hasn't explicitly set menu filtering to false
if( !current_user_can('edit_others_posts') && !is_admin() && $dbOpts['ad_msg_usefilter_menus']!='false') {
//NO MENU!!! If site protect is on, menu filtering is on, and user is anon, remove EVERYTHING
if($dbOpts['ad_opt_protect_site']==='true' &&
(!is_user_logged_in() || $current_user->ID==0)){
return array();
}
//Loop through the content array
foreach($content as $key => $value){
//Get groups that this user is a member of
$useraccess = CTXPS_Queries::get_user_groups($current_user->ID);
//Get groups required to access this page
$pagereqs = self::get_post_protection($value->ID);
//So long as $pagereqs is anything but false
if(!!$pagereqs){
//Determine user access
$secureallowed = self::check_access($useraccess,$pagereqs);
if($secureallowed){
//If we're allowed to access this page
}else{
//If we're NOT allowed to access this page
unset($content[$key]); //Remove content from array
}
}
//If this is an AD page, strip it too
if($dbOpts['ad_msg_usepages']==='true'){
if($value->ID==$dbOpts['ad_page_auth_id'] || $value->ID==$dbOpts['ad_page_anon_id']){
unset($content[$key]);
}
}
}
}
return $content;
}
// ...
/* line 217 */
public static function filter_custom_menus($content,$menu=null){
global $current_user;
//wp_die(sprintf('<pre>%s</pre>',print_r($content,true)));
$dbOpts = get_option('contexture_ps_options');//ad_msg_usefilter_menus
//Do this filtering only if user isn't an admin, in admin section... and provided the user hasn't explicitly set menu filtering to false
if( !current_user_can('edit_others_posts') && !is_admin() && $dbOpts['ad_msg_usefilter_menus']!='false' ) {
//NO MENU!!! If site protect is on, menu filtering is on, and user is anon, remove EVERYTHING
if($dbOpts['ad_opt_protect_site']==='true' &&
(!is_user_logged_in() || $current_user->ID==0)){
return array();
}
//Redundant: Get options (in case we need to strip access denied pages)
//$dbOpts = get_option('contexture_ps_options');
foreach($content as $key => $value){
//Get groups that this user is a member of
$useraccess = CTXPS_Queries::get_user_groups($current_user->ID);
//Determine menu item type to be filtered (post or term)
if ( 'taxonomy' === $value->type ) {
//Get groups required to access this term archive
$pagereqs = self::get_term_protection($value->object_id, $value->object);
}
else {
//Get groups required to access this page (assume post)
$pagereqs = self::get_post_protection($value->object_id);
}
//So long as $pagereqs is anything but false
if(!!$pagereqs){
//Determine user access
$secureallowed = self::check_access($useraccess,$pagereqs);
if($secureallowed){
//If we're allowed to access this page
}else{
//If we're NOT allowed to access this page
unset($content[$key]);
}
}
//If this is an AD page, strip it too
if($dbOpts['ad_msg_usepages']==='true'){
if($value->object_id == $dbOpts['ad_page_auth_id'] || $value->object_id==$dbOpts['ad_page_anon_id']){
unset($content[$key]);
}
}
}
}
return $content;
}
// ...
/* Line 289 */
public static function check_access($UserGroupsArray,$PageSecurityArray){
//Testing...
//wp_die('<h2>User Groups</h2><pre>'.print_r($UserGroupsArray,true).'</pre><h2>Required Groups (by Page/Content)</h2><pre>'.print_r($PageSecurityArray,true).'</pre>');
//If our page-security array is empty, automatically return false (no groups have been granted access)
if( empty($PageSecurityArray) )
return false;
//If our user array is empty, automatically return false (user does not belong to any groups)
if( empty($UserGroupsArray) )
return false;
//Used to count each page that has at least one group
$loopswithgroups = 0;
//Loop through each page's permissions, starting with current page and travelling UP the heirarchy...
foreach($PageSecurityArray as $security_page => $security_secarray){
//Ensure secarray is an array - if not, make it one (needed for some term checks)
if(!is_array($security_secarray))
$security_secarray = array($security_secarray);
//If the current page has group settings attached...
if(count($security_secarray) != 0){
//Increment our group tracking var
$loopswithgroups += 1;
//If any of this user's groups do not match any of this page's groups...
if( count(array_intersect($UserGroupsArray,$security_secarray)) == 0 ){
//We return false as the user does not have access
return false;
}
//No expiration check necessary here. Expired memberships arent returned from db.
}
}
//If no pages have groups, then no-one can access the page
if($loopswithgroups === 0){return false;}
//If we haven't triggered a false return already, return true
return true;
}
// ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment