Changeset 1352152
- Timestamp:
- 02/16/2016 09:42:03 PM (10 years ago)
- Location:
- simple-permissions
- Files:
-
- 2 edited
- 3 copied
-
tags/1.2.4 (copied) (copied from simple-permissions/trunk)
-
tags/1.2.4/readme.txt (copied) (copied from simple-permissions/trunk/readme.txt) (3 diffs)
-
tags/1.2.4/simple-permissions.php (copied) (copied from simple-permissions/trunk/simple-permissions.php) (23 diffs)
-
trunk/readme.txt (modified) (3 diffs)
-
trunk/simple-permissions.php (modified) (23 diffs)
Legend:
- Unmodified
- Added
- Removed
-
simple-permissions/tags/1.2.4/readme.txt
r1217306 r1352152 4 4 Tags: 5 5 Requires at least: 3.5.2 6 Tested up to: 4. 3.07 Stable tag: 1.2. 26 Tested up to: 4.4.2 7 Stable tag: 1.2.4 8 8 License: GPLv2 or later 9 9 License URI: http://www.gnu.org/licenses/gpl-2.0.html … … 34 34 35 35 == Changelog == 36 37 = 1.2.4 = 38 * Fixed some javascript handling checkboxes on the edit meta box. 39 * Fixed an issue where superadmins could not view protected posts. 36 40 37 41 = 1.2.2 = … … 73 77 == Upgrade Notice == 74 78 79 = 1.2.4 = 80 * Bug fixes. Upgrade recommended. 81 75 82 = 1.2.2 = 76 83 * Required upgrade if using WP 4.3. -
simple-permissions/tags/1.2.4/simple-permissions.php
r1217306 r1352152 2 2 /** 3 3 * @package Simple-Permissions 4 * @version 1.2. 24 * @version 1.2.4 5 5 */ 6 6 /* … … 9 9 Description: Create simple permission groups for reading or editing posts. 10 10 Author: Michael George 11 Version: 1.2. 211 Version: 1.2.4 12 12 13 13 This program is free software; you can redistribute it and/or modify … … 165 165 // [2] Associated object ID 166 166 function spUserCanDo( $allcaps, $cap, $args ) { 167 //error_log( "userCanDo cap: " . print_r( $cap, true ) . " args: " . print_r( $args, true ) );167 //error_log( "userCanDo page: " . $_SERVER['REQUEST_URI'] . " allcaps: " . print_r( $allcaps, true ) . " cap: " . print_r( $cap, true ) . " args: " . print_r( $args, true ) ); 168 168 $protectedOperations = array( 169 169 'delete_page' … … 269 269 $wp_query->found_posts = 1; 270 270 $redirectPost = get_post( $devOptions['redirectPageID'] ); 271 $post->post_content_filtered = apply_filters( 'the_content', $redirectPost->post_content );271 @$post->post_content_filtered = apply_filters( 'the_content', $redirectPost->post_content ); 272 272 $post = get_post( $postid ); 273 273 $post->post_content = $redirectPost->post_content; … … 313 313 global $wpdb; 314 314 global $is404Check; 315 if ( is_user_logged_in() ) { 316 $current_user = wp_get_current_user(); 317 $userID = $current_user->ID; 318 if ( is_super_admin( $userID ) ) { 319 $is404Check = false; 320 return $join; 321 } 322 } 315 323 316 324 if ( ! $is404Check ) { … … 326 334 function spCustomWhere( $where ) { 327 335 global $is404Check; 336 if ( is_user_logged_in() ) { 337 $current_user = wp_get_current_user(); 338 $userID = $current_user->ID; 339 if ( is_super_admin( $userID ) ) { 340 $is404Check = false; 341 return $where; 342 } 343 } 328 344 329 345 if ( ! $is404Check ) { … … 366 382 function spHierarchicalCategoryTree( $cat, $group, $depth = 0 ) { 367 383 $devOptions = $this->spGetAdminOptions(); 368 //echo "<!-- $cat, $depth -->\ r";384 //echo "<!-- $cat, $depth -->\n"; 369 385 $next = get_categories( 'hide_empty=0&orderby=name&order=ASC&parent=' . $cat ); 370 386 if ( ! isset( $group['limitCats'] ) ) { $group['limitCats'] = array(); } … … 373 389 echo "\t"; 374 390 } 375 echo "<ul>\ r";391 echo "<ul>\n"; 376 392 foreach( $next as $cat ) { 377 393 $inArr = in_array( $cat->term_id, $group['limitCats'] ); … … 388 404 echo "\t"; 389 405 } 390 echo "</li>\ r";406 echo "</li>\n"; 391 407 } 392 408 for ( $i = 0; $i < $depth; $i++ ) { 393 409 echo "\t"; 394 410 } 395 echo "</ul>\ r";411 echo "</ul>\n"; 396 412 } 397 413 } … … 438 454 $devOptions = $this->spGetAdminOptions(); 439 455 $workingURL = $_SERVER["REQUEST_URI"]; 440 //echo "<!-- " . print_r( $_POST, true ) . " -->\ r";456 //echo "<!-- " . print_r( $_POST, true ) . " -->\n"; 441 457 442 458 if ( isset( $_POST['update_simplePermissionsGroupSettings'] ) ) { … … 478 494 if ( isset( $_POST['simplePermissionsLimitCats'] ) ) { 479 495 $devOptions['groups'][(int)$_POST['simplePermissionsGroupID']]['limitCats'] = array(); 480 //echo "<!-- postedLimits: " . print_r( $_POST['simplePermissionsLimitCats'], true ) . " -->\ r";496 //echo "<!-- postedLimits: " . print_r( $_POST['simplePermissionsLimitCats'], true ) . " -->\n"; 481 497 foreach ( $_POST['simplePermissionsLimitCats'] as $cat ) { 482 //echo "<!-- found cat $cat -->\ r";498 //echo "<!-- found cat $cat -->\n"; 483 499 $devOptions['groups'][(int)$_POST['simplePermissionsGroupID']]['limitCats'][] = (int)$cat; 484 500 } 485 //echo "<!-- limits: " . print_r( $devOptions['groups'][(int)$_POST['simplePermissionsGroupID']]['limitCats'], true ) . " -->\ r";501 //echo "<!-- limits: " . print_r( $devOptions['groups'][(int)$_POST['simplePermissionsGroupID']]['limitCats'], true ) . " -->\n"; 486 502 } else if ( isset( $_POST['simplePermissionsGroupID'] ) && $_POST['simplePermissionsGroupID'] != 'new' ) { 487 503 $devOptions['groups'][(int)$_POST['simplePermissionsGroupID']]['limitCats'] = array(); … … 506 522 507 523 if ( isset( $updated ) && $updated !== false && isset( $_GET['spDeleteItAll'] ) && $_GET['spDeleteItAll'] == 1 ) { 508 echo "<div class='updated'><p><strong>All settings and all post permissions deleted.</strong></p></div>\ r";524 echo "<div class='updated'><p><strong>All settings and all post permissions deleted.</strong></p></div>\n"; 509 525 $workingURL = spDelArgFromURL( $_SERVER["REQUEST_URI"], array( 'spDeleteItAll' ) ); 510 526 unset( $_GET['spDeleteItAll'] ); … … 512 528 } else if ( isset( $updated ) && $updated === false && isset( $_GET['spDeleteItAll'] ) && $_GET['spDeleteItAll'] == 1 ) { 513 529 global $wpdb; 514 echo "<div class='updated'><p><strong>Settings where deleted, but post permissions were NOT reset.</strong></p><p>You can try again or run this sql manually.</p><pre>DELETE FROM " . $wpdb->postmeta . " WHERE meta_key IN ('simplePermissions_readGroupIDs', 'simplePermissions_writeGroupIDs')</pre></div>\ r";530 echo "<div class='updated'><p><strong>Settings where deleted, but post permissions were NOT reset.</strong></p><p>You can try again or run this sql manually.</p><pre>DELETE FROM " . $wpdb->postmeta . " WHERE meta_key IN ('simplePermissions_readGroupIDs', 'simplePermissions_writeGroupIDs')</pre></div>\n"; 515 531 $workingURL = spDelArgFromURL( $_SERVER["REQUEST_URI"], array( 'spDeleteItAll' ) ); 516 532 unset( $_GET['spDeleteItAll'] ); 517 533 $devOptions = $this->spGetAdminOptions(); 518 534 } else if ( isset( $updated ) && $updated ) { 519 echo "<div class='updated'><p><strong>Settings Updated.</strong></p></div>\ r";535 echo "<div class='updated'><p><strong>Settings Updated.</strong></p></div>\n"; 520 536 $workingURL = spDelArgFromURL( $_SERVER["REQUEST_URI"], array( 'spDeleteGroup', 'spEditGroup' ) ); 521 537 } else if ( isset( $updated ) && ! $updated ) { 522 echo "<div class='error'><p><strong>Settings failed to update.</strong></p></div>\ r";538 echo "<div class='error'><p><strong>Settings failed to update.</strong></p></div>\n"; 523 539 } 524 540 ?> … … 545 561 } 546 562 547 echo "<h2>Groups<h2>\ r";548 echo "<table id='simplePermissionsGroupsTable' border=1 style='border-collapse: collapse; border: 1px solid black;'>\ r";549 echo "<thead style='background: lightgray;'>\ r";550 echo "\t<tr><th style='padding: 3px;'>Name</th><th style='padding: 3px;'>Members</th><th colspan=2 style='padding: 3px;'>Options</th></tr>\ r";551 echo "</thead>\ r";552 echo "<tbody>\ r";553 echo "\t<tr><td colspan=4 style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spEditGroup=new'>New Group</a></td></tr>\ r";563 echo "<h2>Groups<h2>\n"; 564 echo "<table id='simplePermissionsGroupsTable' border=1 style='border-collapse: collapse; border: 1px solid black;'>\n"; 565 echo "<thead style='background: lightgray;'>\n"; 566 echo "\t<tr><th style='padding: 3px;'>Name</th><th style='padding: 3px;'>Members</th><th colspan=2 style='padding: 3px;'>Options</th></tr>\n"; 567 echo "</thead>\n"; 568 echo "<tbody>\n"; 569 echo "\t<tr><td colspan=4 style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spEditGroup=new'>New Group</a></td></tr>\n"; 554 570 foreach ( $devOptions['groups'] as $group ) { 555 571 if ( $group['enabled'] ) { 556 572 echo "\t<tr><td style='padding: 3px;'><strong>" . $group['name'] . "</strong></td><td style='padding: 3px;'>"; 557 573 if ( $group['id'] == 0 ) { 558 echo "Everyone, logged in or not</td><td style='padding: 3px;'></td><td style='padding: 3px;'></td></tr>\ r";574 echo "Everyone, logged in or not</td><td style='padding: 3px;'></td><td style='padding: 3px;'></td></tr>\n"; 559 575 } else if ( $group['id'] == 1 ) { 560 echo "All logged in users</td><td style='padding: 3px;'></td><td style='padding: 3px;'></td></tr>\ r";576 echo "All logged in users</td><td style='padding: 3px;'></td><td style='padding: 3px;'></td></tr>\n"; 561 577 } else { 562 578 $memberCount = count( $group['members'] ); … … 584 600 } 585 601 } 586 echo "</td><td style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spEditGroup=" . $group['id'] . "'>Edit</a></td><td style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spDeleteGroup=" . $group['id'] . "'>Delete</a></td></tr>\ r";602 echo "</td><td style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spEditGroup=" . $group['id'] . "'>Edit</a></td><td style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spDeleteGroup=" . $group['id'] . "'>Delete</a></td></tr>\n"; 587 603 } 588 604 } 589 605 } 590 606 if ( count( $devOptions['groups'] ) > 2 ) { 591 echo "\t<tr><td colspan=4 style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spEditGroup=new'>New Group</a></td></tr>\ r";592 } 593 echo "</tbody>\ r";594 echo "</table>\ r";595 596 echo "<h2>Redirect page</h2>\ r";597 echo "<p>This is the page/post ID of the page/post users will be redirected to when they don't have permission to view a page.</p>\ r";598 echo "<input id='simplePermissionsRedirectPageID' type='text' name='simplePermissionsRedirectPageID' value='" . $devOptions['redirectPageID'] . "' style='width: 100px;'>\ r";599 echo "<br>\ r";600 echo "<h2>Limit permission changes</h2>\ r";601 echo "<p>By default, anyone who can edit a post can change the permissions. Choose another role here to limit changes to users who have that role or higher.</p>\ r";602 echo "<select id='simplePermissionsAllowedRole' name='simplePermissionsAllowedRole'>\ r";603 echo "\t<option value='administrator'" . ( $devOptions['allowedRole'] == 'administrator' ? " selected" : "" ) . ">Administrators</option>\ r";604 echo "\t<option value='editor'" . ( $devOptions['allowedRole'] == 'editor' ? " selected" : "" ) . ">Editors</option>\ r";605 echo "\t<option value='author'" . ( $devOptions['allowedRole'] == 'author' ? " selected" : "" ) . ">Authors</option>\ r";606 echo "\t<option value='contributor'" . ( $devOptions['allowedRole'] == 'contributor' ? " selected" : "" ) . ">Contributors</option>\ r";607 echo "</select>\ r";608 echo "<br><br>\ r";609 echo "<input type='submit' value='Save'>\ r";610 echo "<br><br>\ r";611 echo "<h2>Delete everything</h2>\ r";612 echo "<p>In some cases you may wish to delete all settings and saved permissions. The button below will do this.</p>\ r";613 echo "<p>Deactivating or removing this plugin does not remove settings and permissions from the database, so if you want to clean things up, this is the way to do it.</p>\ r";614 echo "<p>It should really be understood that this is a last resort button. You will need to reset ALL permissions afterwords!</p>\ r";607 echo "\t<tr><td colspan=4 style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spEditGroup=new'>New Group</a></td></tr>\n"; 608 } 609 echo "</tbody>\n"; 610 echo "</table>\n"; 611 612 echo "<h2>Redirect page</h2>\n"; 613 echo "<p>This is the page/post ID of the page/post users will be redirected to when they don't have permission to view a page.</p>\n"; 614 echo "<input id='simplePermissionsRedirectPageID' type='text' name='simplePermissionsRedirectPageID' value='" . $devOptions['redirectPageID'] . "' style='width: 100px;'>\n"; 615 echo "<br>\n"; 616 echo "<h2>Limit permission changes</h2>\n"; 617 echo "<p>By default, anyone who can edit a post can change the permissions. Choose another role here to limit changes to users who have that role or higher.</p>\n"; 618 echo "<select id='simplePermissionsAllowedRole' name='simplePermissionsAllowedRole'>\n"; 619 echo "\t<option value='administrator'" . ( $devOptions['allowedRole'] == 'administrator' ? " selected" : "" ) . ">Administrators</option>\n"; 620 echo "\t<option value='editor'" . ( $devOptions['allowedRole'] == 'editor' ? " selected" : "" ) . ">Editors</option>\n"; 621 echo "\t<option value='author'" . ( $devOptions['allowedRole'] == 'author' ? " selected" : "" ) . ">Authors</option>\n"; 622 echo "\t<option value='contributor'" . ( $devOptions['allowedRole'] == 'contributor' ? " selected" : "" ) . ">Contributors</option>\n"; 623 echo "</select>\n"; 624 echo "<br><br>\n"; 625 echo "<input type='submit' value='Save'>\n"; 626 echo "<br><br>\n"; 627 echo "<h2>Delete everything</h2>\n"; 628 echo "<p>In some cases you may wish to delete all settings and saved permissions. The button below will do this.</p>\n"; 629 echo "<p>Deactivating or removing this plugin does not remove settings and permissions from the database, so if you want to clean things up, this is the way to do it.</p>\n"; 630 echo "<p>It should really be understood that this is a last resort button. You will need to reset ALL permissions afterwords!</p>\n"; 615 631 echo "<input type='button' onclick='location.href=\"http" . ( isset($_SERVER['HTTPS'] ) && $_SERVER['HTTPS'] != 'off' ? "s" : "" ) . "://" . $_SERVER["SERVER_NAME"] . $_SERVER['REQUEST_URI'] . "&spDeleteItAll=1\"' name='simplePermissionsDeleteItAll' value='Delete It All'>"; 616 632 } else if ( isset( $_GET['spEditGroup'] ) ) { 617 echo "<h2>Group Name</h2>\ r";618 echo "<input type='text' style='width: 250px;' name='simplePermissionsNewGroupName' value='" . $devOptions['groups'][$_GET['spEditGroup']]['name'] . "'>\ r";619 echo "<input type='hidden' name='simplePermissionsOldGroupName' value='" . ( $_GET['spEditGroup'] == 'new' ? '' : $devOptions['groups'][$_GET['spEditGroup']]['name'] ) . "'>\ r";620 echo "<input type='hidden' name='simplePermissionsGroupID' value='" . ( $_GET['spEditGroup'] == 'new' ? $this->spGetNextGroupID() : $_GET['spEditGroup'] ) . "'>\ r";621 622 echo "<h2>Members</h2>\ r";623 echo "<p>One username per line.</p>\ r";624 echo "<textarea rows=10 cols=25 spellcheck='false' name='simplePermissionsGroupMembers'>\ r";633 echo "<h2>Group Name</h2>\n"; 634 echo "<input type='text' style='width: 250px;' name='simplePermissionsNewGroupName' value='" . $devOptions['groups'][$_GET['spEditGroup']]['name'] . "'>\n"; 635 echo "<input type='hidden' name='simplePermissionsOldGroupName' value='" . ( $_GET['spEditGroup'] == 'new' ? '' : $devOptions['groups'][$_GET['spEditGroup']]['name'] ) . "'>\n"; 636 echo "<input type='hidden' name='simplePermissionsGroupID' value='" . ( $_GET['spEditGroup'] == 'new' ? $this->spGetNextGroupID() : $_GET['spEditGroup'] ) . "'>\n"; 637 638 echo "<h2>Members</h2>\n"; 639 echo "<p>One username per line.</p>\n"; 640 echo "<textarea rows=10 cols=25 spellcheck='false' name='simplePermissionsGroupMembers'>\n"; 625 641 if ( $_GET['spEditGroup'] != 'new' ) { 626 642 $members = array(); … … 633 649 natcasesort( $members ); 634 650 foreach ( $members as $member ) { 635 echo $member . "\ r";636 } 637 } 638 echo "</textarea>\ r";639 echo "<br><br>\ r";651 echo $member . "\n"; 652 } 653 } 654 echo "</textarea>\n"; 655 echo "<br><br>\n"; 640 656 641 657 //Category limiting 642 658 //as of 1.1.0 643 echo "<h2>Prevent posting in these categories</h2>\ r";659 echo "<h2>Prevent posting in these categories</h2>\n"; 644 660 $this->spHierarchicalCategoryTree( 0, $devOptions['groups'][$_GET['spEditGroup']], 0 ); 645 echo "<br><br>\ r";646 647 echo "<input type='submit' value='Save'>\ r";661 echo "<br><br>\n"; 662 663 echo "<input type='submit' value='Save'>\n"; 648 664 } else if ( isset( $_GET['spDeleteGroup'] ) ) { 649 echo "<h2>Confirm Group Delete</h2>\ r";650 echo "<p>Clicking the button below will delete the group named \"" . $devOptions['groups'][$_GET['spDeleteGroup']]['name'] . "\". Are you sure you want to delete this group?</p>\ r";651 echo "<input type='hidden' name='spDeleteGroupConfirmed' value='" . $_GET['spDeleteGroup'] . "'>\ r";652 echo "<input type='submit' value='Delete'>\ r";665 echo "<h2>Confirm Group Delete</h2>\n"; 666 echo "<p>Clicking the button below will delete the group named \"" . $devOptions['groups'][$_GET['spDeleteGroup']]['name'] . "\". Are you sure you want to delete this group?</p>\n"; 667 echo "<input type='hidden' name='spDeleteGroupConfirmed' value='" . $_GET['spDeleteGroup'] . "'>\n"; 668 echo "<input type='submit' value='Delete'>\n"; 653 669 } 654 670 ?> … … 742 758 if ( ! in_array( 'contributor', $user->roles ) ) $user->roles[] = 'contributor'; 743 759 } 744 //echo "<!-- " . print_r( $user->roles, true ) . " -->\ r";760 //echo "<!-- " . print_r( $user->roles, true ) . " -->\n"; 745 761 if ( in_array( $devOptions['allowedRole'], (array) $user->roles ) ) { 746 762 $add = true; … … 752 768 } 753 769 if ( $add ) { 754 //echo "<!-- adding meta box -->\ r";770 //echo "<!-- adding meta box -->\n"; 755 771 add_meta_box( 756 772 'simplepermissions_meta_box' … … 762 778 ); 763 779 } else { 764 //echo "<!-- not adding meta box -->\ r";780 //echo "<!-- not adding meta box -->\n"; 765 781 } 766 782 } … … 775 791 <input type='hidden' name='update_simplePermissionsForPost' value='1'> 776 792 <script> 777 function sp_handleCheckboxClick( cb ) { 778 if ( cb.checked && cb.name.indexOf("write") != -1 ) { 779 var readCheckboxID = cb.name.replace( "write", "read" ); 780 var readCheckbox = document.getElementById( readCheckboxID ); 781 if ( readCheckbox.checked === false ) { 782 readCheckbox.checked = true; 783 } 784 var grpNum = cb.name.split("_")[2]; 785 if ( grpNum == 0 || grpNum == 1 ) { 786 var readWarning = document.getElementById( "sp_readabilityWarning" ); 787 readWarning.style.display = 'block'; 788 } 789 } else if ( ! cb.checked && cb.name.indexOf("read") != -1 ) { 790 var writeCheckboxID = cb.name.replace( "read", "write" ); 791 var writeCheckbox = document.getElementById( writeCheckboxID ); 792 if ( writeCheckbox != null ) { 793 if ( writeCheckbox.checked === true ) { 794 writeCheckbox.checked = false; 795 } 796 } 797 var grpNum = cb.name.split("_")[2]; 798 if ( grpNum == 0 || grpNum == 1 ) { 799 var readWarning = document.getElementById( "sp_readabilityWarning" ); 793 function sp_handleCheckboxClick( cb ) { 794 //Checked the write checkbox 795 if ( cb.checked && cb.name.indexOf("write") != -1 ) { 796 var readCheckboxID = cb.name.replace( "write", "read" ); 797 var readCheckbox = document.getElementById( readCheckboxID ); 798 if ( readCheckbox.checked === false ) { 799 readCheckbox.checked = true; 800 } 801 //Unchecked the read checkbox 802 } else if ( ! cb.checked && cb.name.indexOf("read") != -1 ) { 803 var writeCheckboxID = cb.name.replace( "read", "write" ); 804 var writeCheckbox = document.getElementById( writeCheckboxID ); 805 if ( writeCheckbox != null ) { 806 if ( writeCheckbox.checked === true ) { 807 writeCheckbox.checked = false; 808 } 809 } 810 //checked the read checkbox 811 } else if ( cb.checked && cb.name.indexOf("read") != -1 ) { 812 } 813 //Now check to see what, if any, warning to show 814 var showWarningBox = false; 815 var showPublicWarning = false; 816 var showReadMoreWarning = false; 817 jQuery(".sp_readCheckbox").each(function() { 818 var grpNum = this.name.split("_")[2]; 819 if ( ( grpNum === '0' || grpNum === '1' ) && this.checked ) { 820 showWarningBox = true; 821 showPublicWarning = true; 822 } else if ( ( grpNum !== '0' || grpNum !== '1' ) && this.checked ) { 823 showWarningBox = true; 824 showReadMoreWarning = true; 825 } 826 }); 827 var readWarning = document.getElementById( "sp_readabilityWarning" ); 828 var publicWarning = document.getElementById( "sp_readabilityPublicWarning" ); 829 var readMoreWarning = document.getElementById( "sp_readabilityReadMoreWarning" ); 830 if ( showWarningBox ) { 831 readWarning.style.display = 'block'; 832 if ( showPublicWarning ) { 833 publicWarning.style.display = 'block'; 834 } else { 835 publicWarning.style.display = 'none'; 836 } 837 if ( showReadMoreWarning && ! showPublicWarning ) { 838 readMoreWarning.style.display = 'block'; 839 } else { 840 readMoreWarning.style.display = 'none'; 841 } 842 } else { 800 843 readWarning.style.display = 'none'; 801 } 802 } else if ( cb.checked && cb.name.indexOf("read") != -1 ) { 803 var grpNum = cb.name.split("_")[2]; 804 if ( grpNum == 0 || grpNum == 1 ) { 805 var readWarning = document.getElementById( "sp_readabilityWarning" ); 806 readWarning.style.display = 'block'; 807 } 808 } 809 } 844 publicWarning.style.display = 'none'; 845 readMoreWarning.style.display = 'none'; 846 } 847 } 810 848 </script> 811 849 <input type='hidden' name='simplePermissions_changepermissions' value='true' /> 812 850 <div id='sp_tableDiv' style='float: left;'> 813 <table border=1 style='border-collapse: collapse; border: 1px solid gray; max-width: 400px;'> 814 <thead style='background: lightgray;'> 815 <tr><th style='padding: 3px;'>Group Name</th><th style='width: 44px;'>Read</th><th style='width: 46px;'>Write</th></tr> 816 </thead> 817 <tbody><?php 818 $showReadabilityWarning = false; 851 <table border=1 style='border-collapse: collapse; border: 1px solid gray; max-width: 400px;'> 852 <thead style='background: lightgray;'> 853 <tr><th style='padding: 3px;'>Group Name</th><th style='width: 44px;'>Read</th><th style='width: 46px;'>Write</th></tr> 854 </thead> 855 <tbody> 856 <?php 857 $showWarningBox = false; 858 $showPlublicWarning = false; 859 $showReadMoreWarning = false; 819 860 foreach ( $devOptions['groups'] as $group ) { 820 861 $spMDArraySearchResult = spMDArraySearch( $permissions, 'id', $group['id'] ); … … 822 863 $permission = $permissions[$spMDArraySearchResult]['permission']; 823 864 if ( $group['id'] == 0 || $group['id'] == 1 ) { 824 $showReadabilityWarning = true; 865 $showWarningBox = true; 866 $showPlublicWarning = true; 867 } else { 868 $showWarningBox = true; 869 $showReadMoreWarning = true; 825 870 } 826 871 } else { … … 828 873 } 829 874 if ( $group['id'] != 0 && $group['id'] != 1 ) { 830 echo "\t\t <tr><td style='padding: 3px; max-width: 200px; word-break: break-all;'>" . $group['name'] . "</td><td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_read' id='simplePermissions_grp_" . $group['id'] . "_read' onclick='sp_handleCheckboxClick(this);'" . ( $permission == 'read' || $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td>";831 echo "<td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_write' id='simplePermissions_grp_" . $group['id'] . "_write' onclick='sp_handleCheckboxClick(this);' " . ( $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td></tr>\r";875 echo "\t\t\t<tr><td style='padding: 3px; max-width: 200px; word-break: break-all;'>" . $group['name'] . "</td><td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_read' id='simplePermissions_grp_" . $group['id'] . "_read' class='sp_readCheckbox' onclick='sp_handleCheckboxClick(this);'" . ( $permission == 'read' || $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td>"; 876 echo "<td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_write' id='simplePermissions_grp_" . $group['id'] . "_write' class='sp_writeCheckbox' onclick='sp_handleCheckboxClick(this);' " . ( $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td></tr>\n"; 832 877 } else if ( $group['id'] == 1 ) { 833 $loggedIn = "\t\t <tr><td style='padding: 3px; max-width: 200px; word-break: break-all;'>" . $group['name'] . "</td><td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_read' id='simplePermissions_grp_" . $group['id'] . "_read' onclick='sp_handleCheckboxClick(this);'" . ( $permission == 'read' || $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td>\r";834 $loggedIn .= "<td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_write' id='simplePermissions_grp_" . $group['id'] . "_write' onclick='sp_handleCheckboxClick(this);' " . ( $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td></tr>\r";878 $loggedIn = "\t\t\t<tr><td style='padding: 3px; max-width: 200px; word-break: break-all;'>" . $group['name'] . "</td><td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_read' id='simplePermissions_grp_" . $group['id'] . "_read' class='sp_readCheckbox' onclick='sp_handleCheckboxClick(this);'" . ( $permission == 'read' || $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td>"; 879 $loggedIn .= "<td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_write' id='simplePermissions_grp_" . $group['id'] . "_write' class='sp_writeCheckbox' onclick='sp_handleCheckboxClick(this);' " . ( $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td></tr>\n"; 835 880 } else if ( $group['id'] == 0 ) { 836 $public = "\t\t <tr><td style='padding: 3px; max-width: 200px; word-break: break-all;'>" . $group['name'] . "</td><td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_read' id='simplePermissions_grp_" . $group['id'] . "_read' onclick='sp_handleCheckboxClick(this);'" . ( $permission == 'read' || $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td>\r";837 $public .= "<td ><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_write' id='simplePermissions_grp_" . $group['id'] . "_write' onclick='sp_handleCheckboxClick(this);' " . ( $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td></tr>\r";881 $public = "\t\t\t<tr><td style='padding: 3px; max-width: 200px; word-break: break-all;'>" . $group['name'] . "</td><td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_read' id='simplePermissions_grp_" . $group['id'] . "_read' class='sp_readCheckbox' onclick='sp_handleCheckboxClick(this);'" . ( $permission == 'read' || $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td>"; 882 $public .= "<td style='display: none;'><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_write' id='simplePermissions_grp_" . $group['id'] . "_write' class='sp_writeCheckbox' onclick='sp_handleCheckboxClick(this);' " . ( $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td></tr>\n"; 838 883 } 839 884 } 840 885 echo $loggedIn; 841 886 echo $public;?> 842 </tbody>843 </table>887 </tbody> 888 </table> 844 889 </div> 845 <div id='sp_readabilityWarning' style='float: left; border: 1px solid black; background: lightgray; margin-left: 30px; width: 300px; display: <?php echo ( $showReadabilityWarning ? 'block' : 'none' ); ?>;'> 846 <p style='text-align: center;'><strong>Attention:</strong></p> 847 <p style='padding-left: 5px; padding-right: 5px;'>You have selected to make this document readable to "Public" and/or "Logged In Users". This will override any other groups ability or inability to read this document. Write permissions are NOT affected.</p> 890 <div id='sp_readabilityWarning' style='float: left; border: 1px solid black; background: lightgray; margin-left: 30px; width: 300px; display: <?php echo ( $showWarningBox ? 'block' : 'none' ); ?>;'> 891 <p style='text-align: center;'><strong>Attention:</strong></p> 892 <p style='padding-left: 5px; padding-right: 5px; display: <?php echo ( $showPlublicWarning ? 'block' : 'none' ); ?>;' id='sp_readabilityPublicWarning'>You have selected to make this document readable to "Public" and/or "Logged In Users". This will override any other groups ability or inability to read this document. Write permissions are NOT affected.</p> 893 <p style='padding-left: 5px; padding-right: 5px; display: <?php echo ( $showReadMoreWarning && ! $showPlublicWarning ? 'block' : 'none' ); ?>;' id='sp_readabilityReadMoreWarning'>You have selected to make this document readable by a specific group and not "Public" or "Logged In Users". This post may be exposed in a way you don't intend within search results. It is a good idea to make sure you use a "read more" tag at or near the top of the post.</p> 848 894 </div> 849 895 <div style='clear: both; margin-bottom: -10px;'> </div><?php … … 858 904 add_filter( 'plugin_action_links_' . plugin_basename( plugin_dir_path( __FILE__ ) . 'simple-permissions.php' ), array( &$svvsd_simplePermissions, 'spSettingsLink' ) ); 859 905 add_filter( 'user_has_cap', array( &$svvsd_simplePermissions, 'spUserCanDo' ), 99, 3 ); // priority 99 means it goes last-ish 906 //add_filter( 'map_meta_cap', array( &$svvsd_simplePermissions, 'spMapMetaCap' ), 10, 4 ); 860 907 add_filter( 'posts_join', array( &$svvsd_simplePermissions, 'spCustomJoin' ) ); 861 908 add_filter( 'posts_where', array( &$svvsd_simplePermissions, 'spCustomWhere' ) ); -
simple-permissions/trunk/readme.txt
r1217306 r1352152 4 4 Tags: 5 5 Requires at least: 3.5.2 6 Tested up to: 4. 3.07 Stable tag: 1.2. 26 Tested up to: 4.4.2 7 Stable tag: 1.2.4 8 8 License: GPLv2 or later 9 9 License URI: http://www.gnu.org/licenses/gpl-2.0.html … … 34 34 35 35 == Changelog == 36 37 = 1.2.4 = 38 * Fixed some javascript handling checkboxes on the edit meta box. 39 * Fixed an issue where superadmins could not view protected posts. 36 40 37 41 = 1.2.2 = … … 73 77 == Upgrade Notice == 74 78 79 = 1.2.4 = 80 * Bug fixes. Upgrade recommended. 81 75 82 = 1.2.2 = 76 83 * Required upgrade if using WP 4.3. -
simple-permissions/trunk/simple-permissions.php
r1217306 r1352152 2 2 /** 3 3 * @package Simple-Permissions 4 * @version 1.2. 24 * @version 1.2.4 5 5 */ 6 6 /* … … 9 9 Description: Create simple permission groups for reading or editing posts. 10 10 Author: Michael George 11 Version: 1.2. 211 Version: 1.2.4 12 12 13 13 This program is free software; you can redistribute it and/or modify … … 165 165 // [2] Associated object ID 166 166 function spUserCanDo( $allcaps, $cap, $args ) { 167 //error_log( "userCanDo cap: " . print_r( $cap, true ) . " args: " . print_r( $args, true ) );167 //error_log( "userCanDo page: " . $_SERVER['REQUEST_URI'] . " allcaps: " . print_r( $allcaps, true ) . " cap: " . print_r( $cap, true ) . " args: " . print_r( $args, true ) ); 168 168 $protectedOperations = array( 169 169 'delete_page' … … 269 269 $wp_query->found_posts = 1; 270 270 $redirectPost = get_post( $devOptions['redirectPageID'] ); 271 $post->post_content_filtered = apply_filters( 'the_content', $redirectPost->post_content );271 @$post->post_content_filtered = apply_filters( 'the_content', $redirectPost->post_content ); 272 272 $post = get_post( $postid ); 273 273 $post->post_content = $redirectPost->post_content; … … 313 313 global $wpdb; 314 314 global $is404Check; 315 if ( is_user_logged_in() ) { 316 $current_user = wp_get_current_user(); 317 $userID = $current_user->ID; 318 if ( is_super_admin( $userID ) ) { 319 $is404Check = false; 320 return $join; 321 } 322 } 315 323 316 324 if ( ! $is404Check ) { … … 326 334 function spCustomWhere( $where ) { 327 335 global $is404Check; 336 if ( is_user_logged_in() ) { 337 $current_user = wp_get_current_user(); 338 $userID = $current_user->ID; 339 if ( is_super_admin( $userID ) ) { 340 $is404Check = false; 341 return $where; 342 } 343 } 328 344 329 345 if ( ! $is404Check ) { … … 366 382 function spHierarchicalCategoryTree( $cat, $group, $depth = 0 ) { 367 383 $devOptions = $this->spGetAdminOptions(); 368 //echo "<!-- $cat, $depth -->\ r";384 //echo "<!-- $cat, $depth -->\n"; 369 385 $next = get_categories( 'hide_empty=0&orderby=name&order=ASC&parent=' . $cat ); 370 386 if ( ! isset( $group['limitCats'] ) ) { $group['limitCats'] = array(); } … … 373 389 echo "\t"; 374 390 } 375 echo "<ul>\ r";391 echo "<ul>\n"; 376 392 foreach( $next as $cat ) { 377 393 $inArr = in_array( $cat->term_id, $group['limitCats'] ); … … 388 404 echo "\t"; 389 405 } 390 echo "</li>\ r";406 echo "</li>\n"; 391 407 } 392 408 for ( $i = 0; $i < $depth; $i++ ) { 393 409 echo "\t"; 394 410 } 395 echo "</ul>\ r";411 echo "</ul>\n"; 396 412 } 397 413 } … … 438 454 $devOptions = $this->spGetAdminOptions(); 439 455 $workingURL = $_SERVER["REQUEST_URI"]; 440 //echo "<!-- " . print_r( $_POST, true ) . " -->\ r";456 //echo "<!-- " . print_r( $_POST, true ) . " -->\n"; 441 457 442 458 if ( isset( $_POST['update_simplePermissionsGroupSettings'] ) ) { … … 478 494 if ( isset( $_POST['simplePermissionsLimitCats'] ) ) { 479 495 $devOptions['groups'][(int)$_POST['simplePermissionsGroupID']]['limitCats'] = array(); 480 //echo "<!-- postedLimits: " . print_r( $_POST['simplePermissionsLimitCats'], true ) . " -->\ r";496 //echo "<!-- postedLimits: " . print_r( $_POST['simplePermissionsLimitCats'], true ) . " -->\n"; 481 497 foreach ( $_POST['simplePermissionsLimitCats'] as $cat ) { 482 //echo "<!-- found cat $cat -->\ r";498 //echo "<!-- found cat $cat -->\n"; 483 499 $devOptions['groups'][(int)$_POST['simplePermissionsGroupID']]['limitCats'][] = (int)$cat; 484 500 } 485 //echo "<!-- limits: " . print_r( $devOptions['groups'][(int)$_POST['simplePermissionsGroupID']]['limitCats'], true ) . " -->\ r";501 //echo "<!-- limits: " . print_r( $devOptions['groups'][(int)$_POST['simplePermissionsGroupID']]['limitCats'], true ) . " -->\n"; 486 502 } else if ( isset( $_POST['simplePermissionsGroupID'] ) && $_POST['simplePermissionsGroupID'] != 'new' ) { 487 503 $devOptions['groups'][(int)$_POST['simplePermissionsGroupID']]['limitCats'] = array(); … … 506 522 507 523 if ( isset( $updated ) && $updated !== false && isset( $_GET['spDeleteItAll'] ) && $_GET['spDeleteItAll'] == 1 ) { 508 echo "<div class='updated'><p><strong>All settings and all post permissions deleted.</strong></p></div>\ r";524 echo "<div class='updated'><p><strong>All settings and all post permissions deleted.</strong></p></div>\n"; 509 525 $workingURL = spDelArgFromURL( $_SERVER["REQUEST_URI"], array( 'spDeleteItAll' ) ); 510 526 unset( $_GET['spDeleteItAll'] ); … … 512 528 } else if ( isset( $updated ) && $updated === false && isset( $_GET['spDeleteItAll'] ) && $_GET['spDeleteItAll'] == 1 ) { 513 529 global $wpdb; 514 echo "<div class='updated'><p><strong>Settings where deleted, but post permissions were NOT reset.</strong></p><p>You can try again or run this sql manually.</p><pre>DELETE FROM " . $wpdb->postmeta . " WHERE meta_key IN ('simplePermissions_readGroupIDs', 'simplePermissions_writeGroupIDs')</pre></div>\ r";530 echo "<div class='updated'><p><strong>Settings where deleted, but post permissions were NOT reset.</strong></p><p>You can try again or run this sql manually.</p><pre>DELETE FROM " . $wpdb->postmeta . " WHERE meta_key IN ('simplePermissions_readGroupIDs', 'simplePermissions_writeGroupIDs')</pre></div>\n"; 515 531 $workingURL = spDelArgFromURL( $_SERVER["REQUEST_URI"], array( 'spDeleteItAll' ) ); 516 532 unset( $_GET['spDeleteItAll'] ); 517 533 $devOptions = $this->spGetAdminOptions(); 518 534 } else if ( isset( $updated ) && $updated ) { 519 echo "<div class='updated'><p><strong>Settings Updated.</strong></p></div>\ r";535 echo "<div class='updated'><p><strong>Settings Updated.</strong></p></div>\n"; 520 536 $workingURL = spDelArgFromURL( $_SERVER["REQUEST_URI"], array( 'spDeleteGroup', 'spEditGroup' ) ); 521 537 } else if ( isset( $updated ) && ! $updated ) { 522 echo "<div class='error'><p><strong>Settings failed to update.</strong></p></div>\ r";538 echo "<div class='error'><p><strong>Settings failed to update.</strong></p></div>\n"; 523 539 } 524 540 ?> … … 545 561 } 546 562 547 echo "<h2>Groups<h2>\ r";548 echo "<table id='simplePermissionsGroupsTable' border=1 style='border-collapse: collapse; border: 1px solid black;'>\ r";549 echo "<thead style='background: lightgray;'>\ r";550 echo "\t<tr><th style='padding: 3px;'>Name</th><th style='padding: 3px;'>Members</th><th colspan=2 style='padding: 3px;'>Options</th></tr>\ r";551 echo "</thead>\ r";552 echo "<tbody>\ r";553 echo "\t<tr><td colspan=4 style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spEditGroup=new'>New Group</a></td></tr>\ r";563 echo "<h2>Groups<h2>\n"; 564 echo "<table id='simplePermissionsGroupsTable' border=1 style='border-collapse: collapse; border: 1px solid black;'>\n"; 565 echo "<thead style='background: lightgray;'>\n"; 566 echo "\t<tr><th style='padding: 3px;'>Name</th><th style='padding: 3px;'>Members</th><th colspan=2 style='padding: 3px;'>Options</th></tr>\n"; 567 echo "</thead>\n"; 568 echo "<tbody>\n"; 569 echo "\t<tr><td colspan=4 style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spEditGroup=new'>New Group</a></td></tr>\n"; 554 570 foreach ( $devOptions['groups'] as $group ) { 555 571 if ( $group['enabled'] ) { 556 572 echo "\t<tr><td style='padding: 3px;'><strong>" . $group['name'] . "</strong></td><td style='padding: 3px;'>"; 557 573 if ( $group['id'] == 0 ) { 558 echo "Everyone, logged in or not</td><td style='padding: 3px;'></td><td style='padding: 3px;'></td></tr>\ r";574 echo "Everyone, logged in or not</td><td style='padding: 3px;'></td><td style='padding: 3px;'></td></tr>\n"; 559 575 } else if ( $group['id'] == 1 ) { 560 echo "All logged in users</td><td style='padding: 3px;'></td><td style='padding: 3px;'></td></tr>\ r";576 echo "All logged in users</td><td style='padding: 3px;'></td><td style='padding: 3px;'></td></tr>\n"; 561 577 } else { 562 578 $memberCount = count( $group['members'] ); … … 584 600 } 585 601 } 586 echo "</td><td style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spEditGroup=" . $group['id'] . "'>Edit</a></td><td style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spDeleteGroup=" . $group['id'] . "'>Delete</a></td></tr>\ r";602 echo "</td><td style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spEditGroup=" . $group['id'] . "'>Edit</a></td><td style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spDeleteGroup=" . $group['id'] . "'>Delete</a></td></tr>\n"; 587 603 } 588 604 } 589 605 } 590 606 if ( count( $devOptions['groups'] ) > 2 ) { 591 echo "\t<tr><td colspan=4 style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spEditGroup=new'>New Group</a></td></tr>\ r";592 } 593 echo "</tbody>\ r";594 echo "</table>\ r";595 596 echo "<h2>Redirect page</h2>\ r";597 echo "<p>This is the page/post ID of the page/post users will be redirected to when they don't have permission to view a page.</p>\ r";598 echo "<input id='simplePermissionsRedirectPageID' type='text' name='simplePermissionsRedirectPageID' value='" . $devOptions['redirectPageID'] . "' style='width: 100px;'>\ r";599 echo "<br>\ r";600 echo "<h2>Limit permission changes</h2>\ r";601 echo "<p>By default, anyone who can edit a post can change the permissions. Choose another role here to limit changes to users who have that role or higher.</p>\ r";602 echo "<select id='simplePermissionsAllowedRole' name='simplePermissionsAllowedRole'>\ r";603 echo "\t<option value='administrator'" . ( $devOptions['allowedRole'] == 'administrator' ? " selected" : "" ) . ">Administrators</option>\ r";604 echo "\t<option value='editor'" . ( $devOptions['allowedRole'] == 'editor' ? " selected" : "" ) . ">Editors</option>\ r";605 echo "\t<option value='author'" . ( $devOptions['allowedRole'] == 'author' ? " selected" : "" ) . ">Authors</option>\ r";606 echo "\t<option value='contributor'" . ( $devOptions['allowedRole'] == 'contributor' ? " selected" : "" ) . ">Contributors</option>\ r";607 echo "</select>\ r";608 echo "<br><br>\ r";609 echo "<input type='submit' value='Save'>\ r";610 echo "<br><br>\ r";611 echo "<h2>Delete everything</h2>\ r";612 echo "<p>In some cases you may wish to delete all settings and saved permissions. The button below will do this.</p>\ r";613 echo "<p>Deactivating or removing this plugin does not remove settings and permissions from the database, so if you want to clean things up, this is the way to do it.</p>\ r";614 echo "<p>It should really be understood that this is a last resort button. You will need to reset ALL permissions afterwords!</p>\ r";607 echo "\t<tr><td colspan=4 style='padding: 3px;'><a href='" . $_SERVER["REQUEST_URI"] . "&spEditGroup=new'>New Group</a></td></tr>\n"; 608 } 609 echo "</tbody>\n"; 610 echo "</table>\n"; 611 612 echo "<h2>Redirect page</h2>\n"; 613 echo "<p>This is the page/post ID of the page/post users will be redirected to when they don't have permission to view a page.</p>\n"; 614 echo "<input id='simplePermissionsRedirectPageID' type='text' name='simplePermissionsRedirectPageID' value='" . $devOptions['redirectPageID'] . "' style='width: 100px;'>\n"; 615 echo "<br>\n"; 616 echo "<h2>Limit permission changes</h2>\n"; 617 echo "<p>By default, anyone who can edit a post can change the permissions. Choose another role here to limit changes to users who have that role or higher.</p>\n"; 618 echo "<select id='simplePermissionsAllowedRole' name='simplePermissionsAllowedRole'>\n"; 619 echo "\t<option value='administrator'" . ( $devOptions['allowedRole'] == 'administrator' ? " selected" : "" ) . ">Administrators</option>\n"; 620 echo "\t<option value='editor'" . ( $devOptions['allowedRole'] == 'editor' ? " selected" : "" ) . ">Editors</option>\n"; 621 echo "\t<option value='author'" . ( $devOptions['allowedRole'] == 'author' ? " selected" : "" ) . ">Authors</option>\n"; 622 echo "\t<option value='contributor'" . ( $devOptions['allowedRole'] == 'contributor' ? " selected" : "" ) . ">Contributors</option>\n"; 623 echo "</select>\n"; 624 echo "<br><br>\n"; 625 echo "<input type='submit' value='Save'>\n"; 626 echo "<br><br>\n"; 627 echo "<h2>Delete everything</h2>\n"; 628 echo "<p>In some cases you may wish to delete all settings and saved permissions. The button below will do this.</p>\n"; 629 echo "<p>Deactivating or removing this plugin does not remove settings and permissions from the database, so if you want to clean things up, this is the way to do it.</p>\n"; 630 echo "<p>It should really be understood that this is a last resort button. You will need to reset ALL permissions afterwords!</p>\n"; 615 631 echo "<input type='button' onclick='location.href=\"http" . ( isset($_SERVER['HTTPS'] ) && $_SERVER['HTTPS'] != 'off' ? "s" : "" ) . "://" . $_SERVER["SERVER_NAME"] . $_SERVER['REQUEST_URI'] . "&spDeleteItAll=1\"' name='simplePermissionsDeleteItAll' value='Delete It All'>"; 616 632 } else if ( isset( $_GET['spEditGroup'] ) ) { 617 echo "<h2>Group Name</h2>\ r";618 echo "<input type='text' style='width: 250px;' name='simplePermissionsNewGroupName' value='" . $devOptions['groups'][$_GET['spEditGroup']]['name'] . "'>\ r";619 echo "<input type='hidden' name='simplePermissionsOldGroupName' value='" . ( $_GET['spEditGroup'] == 'new' ? '' : $devOptions['groups'][$_GET['spEditGroup']]['name'] ) . "'>\ r";620 echo "<input type='hidden' name='simplePermissionsGroupID' value='" . ( $_GET['spEditGroup'] == 'new' ? $this->spGetNextGroupID() : $_GET['spEditGroup'] ) . "'>\ r";621 622 echo "<h2>Members</h2>\ r";623 echo "<p>One username per line.</p>\ r";624 echo "<textarea rows=10 cols=25 spellcheck='false' name='simplePermissionsGroupMembers'>\ r";633 echo "<h2>Group Name</h2>\n"; 634 echo "<input type='text' style='width: 250px;' name='simplePermissionsNewGroupName' value='" . $devOptions['groups'][$_GET['spEditGroup']]['name'] . "'>\n"; 635 echo "<input type='hidden' name='simplePermissionsOldGroupName' value='" . ( $_GET['spEditGroup'] == 'new' ? '' : $devOptions['groups'][$_GET['spEditGroup']]['name'] ) . "'>\n"; 636 echo "<input type='hidden' name='simplePermissionsGroupID' value='" . ( $_GET['spEditGroup'] == 'new' ? $this->spGetNextGroupID() : $_GET['spEditGroup'] ) . "'>\n"; 637 638 echo "<h2>Members</h2>\n"; 639 echo "<p>One username per line.</p>\n"; 640 echo "<textarea rows=10 cols=25 spellcheck='false' name='simplePermissionsGroupMembers'>\n"; 625 641 if ( $_GET['spEditGroup'] != 'new' ) { 626 642 $members = array(); … … 633 649 natcasesort( $members ); 634 650 foreach ( $members as $member ) { 635 echo $member . "\ r";636 } 637 } 638 echo "</textarea>\ r";639 echo "<br><br>\ r";651 echo $member . "\n"; 652 } 653 } 654 echo "</textarea>\n"; 655 echo "<br><br>\n"; 640 656 641 657 //Category limiting 642 658 //as of 1.1.0 643 echo "<h2>Prevent posting in these categories</h2>\ r";659 echo "<h2>Prevent posting in these categories</h2>\n"; 644 660 $this->spHierarchicalCategoryTree( 0, $devOptions['groups'][$_GET['spEditGroup']], 0 ); 645 echo "<br><br>\ r";646 647 echo "<input type='submit' value='Save'>\ r";661 echo "<br><br>\n"; 662 663 echo "<input type='submit' value='Save'>\n"; 648 664 } else if ( isset( $_GET['spDeleteGroup'] ) ) { 649 echo "<h2>Confirm Group Delete</h2>\ r";650 echo "<p>Clicking the button below will delete the group named \"" . $devOptions['groups'][$_GET['spDeleteGroup']]['name'] . "\". Are you sure you want to delete this group?</p>\ r";651 echo "<input type='hidden' name='spDeleteGroupConfirmed' value='" . $_GET['spDeleteGroup'] . "'>\ r";652 echo "<input type='submit' value='Delete'>\ r";665 echo "<h2>Confirm Group Delete</h2>\n"; 666 echo "<p>Clicking the button below will delete the group named \"" . $devOptions['groups'][$_GET['spDeleteGroup']]['name'] . "\". Are you sure you want to delete this group?</p>\n"; 667 echo "<input type='hidden' name='spDeleteGroupConfirmed' value='" . $_GET['spDeleteGroup'] . "'>\n"; 668 echo "<input type='submit' value='Delete'>\n"; 653 669 } 654 670 ?> … … 742 758 if ( ! in_array( 'contributor', $user->roles ) ) $user->roles[] = 'contributor'; 743 759 } 744 //echo "<!-- " . print_r( $user->roles, true ) . " -->\ r";760 //echo "<!-- " . print_r( $user->roles, true ) . " -->\n"; 745 761 if ( in_array( $devOptions['allowedRole'], (array) $user->roles ) ) { 746 762 $add = true; … … 752 768 } 753 769 if ( $add ) { 754 //echo "<!-- adding meta box -->\ r";770 //echo "<!-- adding meta box -->\n"; 755 771 add_meta_box( 756 772 'simplepermissions_meta_box' … … 762 778 ); 763 779 } else { 764 //echo "<!-- not adding meta box -->\ r";780 //echo "<!-- not adding meta box -->\n"; 765 781 } 766 782 } … … 775 791 <input type='hidden' name='update_simplePermissionsForPost' value='1'> 776 792 <script> 777 function sp_handleCheckboxClick( cb ) { 778 if ( cb.checked && cb.name.indexOf("write") != -1 ) { 779 var readCheckboxID = cb.name.replace( "write", "read" ); 780 var readCheckbox = document.getElementById( readCheckboxID ); 781 if ( readCheckbox.checked === false ) { 782 readCheckbox.checked = true; 783 } 784 var grpNum = cb.name.split("_")[2]; 785 if ( grpNum == 0 || grpNum == 1 ) { 786 var readWarning = document.getElementById( "sp_readabilityWarning" ); 787 readWarning.style.display = 'block'; 788 } 789 } else if ( ! cb.checked && cb.name.indexOf("read") != -1 ) { 790 var writeCheckboxID = cb.name.replace( "read", "write" ); 791 var writeCheckbox = document.getElementById( writeCheckboxID ); 792 if ( writeCheckbox != null ) { 793 if ( writeCheckbox.checked === true ) { 794 writeCheckbox.checked = false; 795 } 796 } 797 var grpNum = cb.name.split("_")[2]; 798 if ( grpNum == 0 || grpNum == 1 ) { 799 var readWarning = document.getElementById( "sp_readabilityWarning" ); 793 function sp_handleCheckboxClick( cb ) { 794 //Checked the write checkbox 795 if ( cb.checked && cb.name.indexOf("write") != -1 ) { 796 var readCheckboxID = cb.name.replace( "write", "read" ); 797 var readCheckbox = document.getElementById( readCheckboxID ); 798 if ( readCheckbox.checked === false ) { 799 readCheckbox.checked = true; 800 } 801 //Unchecked the read checkbox 802 } else if ( ! cb.checked && cb.name.indexOf("read") != -1 ) { 803 var writeCheckboxID = cb.name.replace( "read", "write" ); 804 var writeCheckbox = document.getElementById( writeCheckboxID ); 805 if ( writeCheckbox != null ) { 806 if ( writeCheckbox.checked === true ) { 807 writeCheckbox.checked = false; 808 } 809 } 810 //checked the read checkbox 811 } else if ( cb.checked && cb.name.indexOf("read") != -1 ) { 812 } 813 //Now check to see what, if any, warning to show 814 var showWarningBox = false; 815 var showPublicWarning = false; 816 var showReadMoreWarning = false; 817 jQuery(".sp_readCheckbox").each(function() { 818 var grpNum = this.name.split("_")[2]; 819 if ( ( grpNum === '0' || grpNum === '1' ) && this.checked ) { 820 showWarningBox = true; 821 showPublicWarning = true; 822 } else if ( ( grpNum !== '0' || grpNum !== '1' ) && this.checked ) { 823 showWarningBox = true; 824 showReadMoreWarning = true; 825 } 826 }); 827 var readWarning = document.getElementById( "sp_readabilityWarning" ); 828 var publicWarning = document.getElementById( "sp_readabilityPublicWarning" ); 829 var readMoreWarning = document.getElementById( "sp_readabilityReadMoreWarning" ); 830 if ( showWarningBox ) { 831 readWarning.style.display = 'block'; 832 if ( showPublicWarning ) { 833 publicWarning.style.display = 'block'; 834 } else { 835 publicWarning.style.display = 'none'; 836 } 837 if ( showReadMoreWarning && ! showPublicWarning ) { 838 readMoreWarning.style.display = 'block'; 839 } else { 840 readMoreWarning.style.display = 'none'; 841 } 842 } else { 800 843 readWarning.style.display = 'none'; 801 } 802 } else if ( cb.checked && cb.name.indexOf("read") != -1 ) { 803 var grpNum = cb.name.split("_")[2]; 804 if ( grpNum == 0 || grpNum == 1 ) { 805 var readWarning = document.getElementById( "sp_readabilityWarning" ); 806 readWarning.style.display = 'block'; 807 } 808 } 809 } 844 publicWarning.style.display = 'none'; 845 readMoreWarning.style.display = 'none'; 846 } 847 } 810 848 </script> 811 849 <input type='hidden' name='simplePermissions_changepermissions' value='true' /> 812 850 <div id='sp_tableDiv' style='float: left;'> 813 <table border=1 style='border-collapse: collapse; border: 1px solid gray; max-width: 400px;'> 814 <thead style='background: lightgray;'> 815 <tr><th style='padding: 3px;'>Group Name</th><th style='width: 44px;'>Read</th><th style='width: 46px;'>Write</th></tr> 816 </thead> 817 <tbody><?php 818 $showReadabilityWarning = false; 851 <table border=1 style='border-collapse: collapse; border: 1px solid gray; max-width: 400px;'> 852 <thead style='background: lightgray;'> 853 <tr><th style='padding: 3px;'>Group Name</th><th style='width: 44px;'>Read</th><th style='width: 46px;'>Write</th></tr> 854 </thead> 855 <tbody> 856 <?php 857 $showWarningBox = false; 858 $showPlublicWarning = false; 859 $showReadMoreWarning = false; 819 860 foreach ( $devOptions['groups'] as $group ) { 820 861 $spMDArraySearchResult = spMDArraySearch( $permissions, 'id', $group['id'] ); … … 822 863 $permission = $permissions[$spMDArraySearchResult]['permission']; 823 864 if ( $group['id'] == 0 || $group['id'] == 1 ) { 824 $showReadabilityWarning = true; 865 $showWarningBox = true; 866 $showPlublicWarning = true; 867 } else { 868 $showWarningBox = true; 869 $showReadMoreWarning = true; 825 870 } 826 871 } else { … … 828 873 } 829 874 if ( $group['id'] != 0 && $group['id'] != 1 ) { 830 echo "\t\t <tr><td style='padding: 3px; max-width: 200px; word-break: break-all;'>" . $group['name'] . "</td><td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_read' id='simplePermissions_grp_" . $group['id'] . "_read' onclick='sp_handleCheckboxClick(this);'" . ( $permission == 'read' || $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td>";831 echo "<td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_write' id='simplePermissions_grp_" . $group['id'] . "_write' onclick='sp_handleCheckboxClick(this);' " . ( $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td></tr>\r";875 echo "\t\t\t<tr><td style='padding: 3px; max-width: 200px; word-break: break-all;'>" . $group['name'] . "</td><td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_read' id='simplePermissions_grp_" . $group['id'] . "_read' class='sp_readCheckbox' onclick='sp_handleCheckboxClick(this);'" . ( $permission == 'read' || $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td>"; 876 echo "<td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_write' id='simplePermissions_grp_" . $group['id'] . "_write' class='sp_writeCheckbox' onclick='sp_handleCheckboxClick(this);' " . ( $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td></tr>\n"; 832 877 } else if ( $group['id'] == 1 ) { 833 $loggedIn = "\t\t <tr><td style='padding: 3px; max-width: 200px; word-break: break-all;'>" . $group['name'] . "</td><td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_read' id='simplePermissions_grp_" . $group['id'] . "_read' onclick='sp_handleCheckboxClick(this);'" . ( $permission == 'read' || $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td>\r";834 $loggedIn .= "<td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_write' id='simplePermissions_grp_" . $group['id'] . "_write' onclick='sp_handleCheckboxClick(this);' " . ( $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td></tr>\r";878 $loggedIn = "\t\t\t<tr><td style='padding: 3px; max-width: 200px; word-break: break-all;'>" . $group['name'] . "</td><td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_read' id='simplePermissions_grp_" . $group['id'] . "_read' class='sp_readCheckbox' onclick='sp_handleCheckboxClick(this);'" . ( $permission == 'read' || $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td>"; 879 $loggedIn .= "<td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_write' id='simplePermissions_grp_" . $group['id'] . "_write' class='sp_writeCheckbox' onclick='sp_handleCheckboxClick(this);' " . ( $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td></tr>\n"; 835 880 } else if ( $group['id'] == 0 ) { 836 $public = "\t\t <tr><td style='padding: 3px; max-width: 200px; word-break: break-all;'>" . $group['name'] . "</td><td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_read' id='simplePermissions_grp_" . $group['id'] . "_read' onclick='sp_handleCheckboxClick(this);'" . ( $permission == 'read' || $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td>\r";837 $public .= "<td ><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_write' id='simplePermissions_grp_" . $group['id'] . "_write' onclick='sp_handleCheckboxClick(this);' " . ( $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td></tr>\r";881 $public = "\t\t\t<tr><td style='padding: 3px; max-width: 200px; word-break: break-all;'>" . $group['name'] . "</td><td><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_read' id='simplePermissions_grp_" . $group['id'] . "_read' class='sp_readCheckbox' onclick='sp_handleCheckboxClick(this);'" . ( $permission == 'read' || $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td>"; 882 $public .= "<td style='display: none;'><input type='checkbox' name='simplePermissions_grp_" . $group['id'] . "_write' id='simplePermissions_grp_" . $group['id'] . "_write' class='sp_writeCheckbox' onclick='sp_handleCheckboxClick(this);' " . ( $permission == 'write' ? " checked" : "" ) . " style='margin-left: 15px;'></td></tr>\n"; 838 883 } 839 884 } 840 885 echo $loggedIn; 841 886 echo $public;?> 842 </tbody>843 </table>887 </tbody> 888 </table> 844 889 </div> 845 <div id='sp_readabilityWarning' style='float: left; border: 1px solid black; background: lightgray; margin-left: 30px; width: 300px; display: <?php echo ( $showReadabilityWarning ? 'block' : 'none' ); ?>;'> 846 <p style='text-align: center;'><strong>Attention:</strong></p> 847 <p style='padding-left: 5px; padding-right: 5px;'>You have selected to make this document readable to "Public" and/or "Logged In Users". This will override any other groups ability or inability to read this document. Write permissions are NOT affected.</p> 890 <div id='sp_readabilityWarning' style='float: left; border: 1px solid black; background: lightgray; margin-left: 30px; width: 300px; display: <?php echo ( $showWarningBox ? 'block' : 'none' ); ?>;'> 891 <p style='text-align: center;'><strong>Attention:</strong></p> 892 <p style='padding-left: 5px; padding-right: 5px; display: <?php echo ( $showPlublicWarning ? 'block' : 'none' ); ?>;' id='sp_readabilityPublicWarning'>You have selected to make this document readable to "Public" and/or "Logged In Users". This will override any other groups ability or inability to read this document. Write permissions are NOT affected.</p> 893 <p style='padding-left: 5px; padding-right: 5px; display: <?php echo ( $showReadMoreWarning && ! $showPlublicWarning ? 'block' : 'none' ); ?>;' id='sp_readabilityReadMoreWarning'>You have selected to make this document readable by a specific group and not "Public" or "Logged In Users". This post may be exposed in a way you don't intend within search results. It is a good idea to make sure you use a "read more" tag at or near the top of the post.</p> 848 894 </div> 849 895 <div style='clear: both; margin-bottom: -10px;'> </div><?php … … 858 904 add_filter( 'plugin_action_links_' . plugin_basename( plugin_dir_path( __FILE__ ) . 'simple-permissions.php' ), array( &$svvsd_simplePermissions, 'spSettingsLink' ) ); 859 905 add_filter( 'user_has_cap', array( &$svvsd_simplePermissions, 'spUserCanDo' ), 99, 3 ); // priority 99 means it goes last-ish 906 //add_filter( 'map_meta_cap', array( &$svvsd_simplePermissions, 'spMapMetaCap' ), 10, 4 ); 860 907 add_filter( 'posts_join', array( &$svvsd_simplePermissions, 'spCustomJoin' ) ); 861 908 add_filter( 'posts_where', array( &$svvsd_simplePermissions, 'spCustomWhere' ) );
Note: See TracChangeset
for help on using the changeset viewer.