Changeset 3362334
- Timestamp:
- 09/16/2025 08:44:26 AM (7 months ago)
- Location:
- wp-access-areas
- Files:
-
- 36 edited
- 1 copied
-
tags/1.5.21 (copied) (copied from wp-access-areas/trunk)
-
tags/1.5.21/.wp-release-info.json (modified) (1 diff)
-
tags/1.5.21/README.txt (modified) (3 diffs)
-
tags/1.5.21/inc/class-accessareas_list_table.php (modified) (1 diff)
-
tags/1.5.21/inc/class-wpaa_accessarea.php (modified) (4 diffs)
-
tags/1.5.21/inc/class-wpaa_caps.php (modified) (4 diffs)
-
tags/1.5.21/inc/class-wpaa_core.php (modified) (1 diff)
-
tags/1.5.21/inc/class-wpaa_editpost.php (modified) (4 diffs)
-
tags/1.5.21/inc/class-wpaa_install.php (modified) (3 diffs)
-
tags/1.5.21/inc/class-wpaa_posts.php (modified) (4 diffs)
-
tags/1.5.21/inc/class-wpaa_settings.php (modified) (8 diffs)
-
tags/1.5.21/inc/class-wpaa_template.php (modified) (3 diffs)
-
tags/1.5.21/inc/class-wpaa_users.php (modified) (7 diffs)
-
tags/1.5.21/inc/wpaa_roles.php (modified) (1 diff)
-
tags/1.5.21/languages/wp-access-areas-it_IT.po (modified) (1 diff)
-
tags/1.5.21/languages/wp-access-areas-pl_PL.po (modified) (2 diffs)
-
tags/1.5.21/languages/wp-access-areas-sv_SE.po (modified) (2 diffs)
-
tags/1.5.21/languages/wp-access-areas.pot (modified) (5 diffs)
-
tags/1.5.21/wp-access-areas.php (modified) (2 diffs)
-
trunk/.wp-release-info.json (modified) (1 diff)
-
trunk/README.txt (modified) (3 diffs)
-
trunk/inc/class-accessareas_list_table.php (modified) (1 diff)
-
trunk/inc/class-wpaa_accessarea.php (modified) (4 diffs)
-
trunk/inc/class-wpaa_caps.php (modified) (4 diffs)
-
trunk/inc/class-wpaa_core.php (modified) (1 diff)
-
trunk/inc/class-wpaa_editpost.php (modified) (4 diffs)
-
trunk/inc/class-wpaa_install.php (modified) (3 diffs)
-
trunk/inc/class-wpaa_posts.php (modified) (4 diffs)
-
trunk/inc/class-wpaa_settings.php (modified) (8 diffs)
-
trunk/inc/class-wpaa_template.php (modified) (3 diffs)
-
trunk/inc/class-wpaa_users.php (modified) (7 diffs)
-
trunk/inc/wpaa_roles.php (modified) (1 diff)
-
trunk/languages/wp-access-areas-it_IT.po (modified) (1 diff)
-
trunk/languages/wp-access-areas-pl_PL.po (modified) (2 diffs)
-
trunk/languages/wp-access-areas-sv_SE.po (modified) (2 diffs)
-
trunk/languages/wp-access-areas.pot (modified) (5 diffs)
-
trunk/wp-access-areas.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
wp-access-areas/tags/1.5.21/.wp-release-info.json
r3233303 r3362334 2 2 "id": "https://github.com/mcguffin/wp-access-areas/raw/master/.wp-release-info.json", 3 3 "slug": "wp-access-areas", 4 "version": "1.5.2 0",4 "version": "1.5.21", 5 5 "url": "http://wordpress.org/plugins/wp-access-areas/", 6 "package": "https://github.com/mcguffin/wp-access-areas/releases/download/1.5.2 0/wp-access-areas.zip",6 "package": "https://github.com/mcguffin/wp-access-areas/releases/download/1.5.21/wp-access-areas.zip", 7 7 "tested": "6.0", 8 8 "requires_php": "5.6" -
wp-access-areas/tags/1.5.21/README.txt
r3233303 r3362334 1 === WordPress Access Areas ===1 === Access Areas for WordPress === 2 2 Contributors: podpirate 3 3 Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=WF4Z3HU93XYJA … … 6 6 Requires PHP: 5.6 7 7 Tested up to: 6.0 8 Stable tag: 1.5.2 08 Stable tag: 1.5.21 9 9 License: GPLv2 or later 10 10 License URI: http://www.gnu.org/licenses/gpl-2.0.html … … 93 93 94 94 == Changelog == 95 96 = 1.5.21 = 97 - Rename Plugin from "WordPress Access Areas" to "Access Areas for WordPress". 95 98 96 99 = 1.5.20 = -
wp-access-areas/tags/1.5.21/inc/class-accessareas_list_table.php
r3233303 r3362334 130 130 131 131 if ( isset( $_REQUEST['orderby'] ) ) { 132 $orderby = wp_unslash( $_REQUEST['orderby'] ); 132 // santized later 133 $orderby = wp_unslash( $_REQUEST['orderby'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized 133 134 } 134 135 135 136 if ( isset( $_REQUEST['order'] ) ) { 136 $order = wp_unslash( $_REQUEST['order'] ); 137 // santized later 138 $order = wp_unslash( $_REQUEST['order'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized 137 139 } 138 140 // sanitized here 139 141 $order_sql = sanitize_sql_orderby( "{$orderby} {$order}" ); 140 142 -
wp-access-areas/tags/1.5.21/inc/class-wpaa_accessarea.php
r2518251 r3362334 31 31 32 32 $blog_id_in = array(); 33 if ( ! is_multisite() || is_accessareas_active_for_network() ) {33 if ( ! is_multisite() || wpaa_is_active_for_network() ) { 34 34 $blog_id_in[0] = '%d'; 35 35 } … … 55 55 if ( count( $blog_id_in ) ) { 56 56 $args = array_keys( $blog_id_in ); 57 $query = $wpdb->prepare( $query, ...$args ); 57 $query = $wpdb->prepare( $query, ...$args ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared 58 58 } 59 59 … … 70 70 $query .= " ORDER BY $sql_orderby"; 71 71 } 72 $query = $wpdb->prepare( $query, $blog_id ); 72 $query = $wpdb->prepare( $query, $blog_id ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared 73 73 return self::_get_cached_result( $query ); 74 74 } … … 131 131 '%' . $wpdb->esc_like( WPUND_USERLABEL_PREFIX ) . '%' 132 132 ); 133 $usermeta = $wpdb->get_results( $query ); 133 $usermeta = $wpdb->get_results( $query ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared 134 134 135 135 foreach ( $usermeta as $meta ) { -
wp-access-areas/tags/1.5.21/inc/class-wpaa_caps.php
r3233303 r3362334 17 17 if ( is_admin() ) { 18 18 add_action( 'admin_menu', array( __CLASS__, 'user_menu' ) ); 19 if ( is_accessareas_active_for_network() ) {19 if ( wpaa_is_active_for_network() ) { 20 20 add_action( 'network_admin_menu', array( __CLASS__, 'user_menu' ) ); 21 21 } … … 37 37 $action = -1; 38 38 if ( isset( $_REQUEST['action'] ) && intval( $_REQUEST['action'] ) !== -1 ) { 39 $action = wp_unslash( $_REQUEST['action']);39 $action = sanitize_key(wp_unslash( $_REQUEST['action'] )); 40 40 } 41 41 if ( isset( $_REQUEST['action2'] ) && intval( $_REQUEST['action2'] ) !== -1 ) { 42 $action = wp_unslash( $_REQUEST['action2']);43 } 44 $action = sanitize_key( $action );42 $action = sanitize_key(wp_unslash( $_REQUEST['action2'] )); 43 } 44 // $action = sanitize_key( $action ); 45 45 return $action; 46 46 } … … 252 252 </th> 253 253 <td> 254 <input class="regular-text" maxlength="64" type="text" name="cap_title" value="<?php e sc_attr_e( $cap_title ); ?>" id="cap_title" placeholder="<?php esc_attr_e( 'New Access Area', 'wp-access-areas' ); ?>" autocomplete="off" />254 <input class="regular-text" maxlength="64" type="text" name="cap_title" value="<?php echo esc_attr( $cap_title ); ?>" id="cap_title" placeholder="<?php esc_attr_e( 'New Access Area', 'wp-access-areas' ); ?>" autocomplete="off" /> 255 255 </td> 256 256 </tr> … … 292 292 } 293 293 /* translators: %d number of deleted items */ 294 $message = sprintf( _n( 'Access Area deleted.', '%d Access Areas deleted.', $deleted, 'wp-access-areas' ), $deleted ); 294 $message = sprintf( _n( 'Access Area deleted.', '%d Access Areas deleted.', $deleted, 'wp-access-areas' ), $deleted ); // phpcs:ignore WordPress.WP.I18n.MissingSingularPlaceholder 295 295 break; 296 296 case 4: // exists -
wp-access-areas/tags/1.5.21/inc/class-wpaa_core.php
r2236440 r3362334 8 8 9 9 // ---------------------------------------- 10 // This class initializes the WordPress Access Areas plugin.10 // This class initializes the Access Areas for WordPress plugin. 11 11 // (As of version 1.0 it only loads an apropriate plugin textdomain for translation readyness.) 12 12 // ---------------------------------------- -
wp-access-areas/tags/1.5.21/inc/class-wpaa_editpost.php
r2720192 r3362334 353 353 354 354 ?> 355 <div class="wpaa-select-behaviour<?php e sc_attr_e( $is_custom ? ' custom' : '' ); ?>">355 <div class="wpaa-select-behaviour<?php echo esc_attr( $is_custom ? ' custom' : '' ); ?>"> 356 356 <div class="misc-pub-section"> 357 357 <label for="wpaa_enable_custom_behaviour"> … … 576 576 ?> 577 577 <div class="<?php echo $val == 'exist' ? 'wpaa-default-permission ' : ''; ?> wpaa-permission dashicons-before dashicons-visibility" title="<?php esc_attr_e( 'Who can read', 'wp-access-areas' ); ?>"> 578 <?php e sc_html_e( $names[ $val ] ); ?>578 <?php echo esc_html( $names[ $val ] ); ?> 579 579 </div> 580 580 <?php … … 585 585 ?> 586 586 <div class="<?php echo $val == 'exist' ? 'wpaa-default-permission ' : ''; ?> wpaa-permission dashicons-before dashicons-admin-comments" title="<?php esc_attr_e( 'Who can comment', 'wp-access-areas' ); ?>"> 587 <?php e sc_html_e( $names[ $val ] ); ?>587 <?php echo esc_html( $names[ $val ] ); ?> 588 588 </div> 589 589 <?php … … 594 594 ?> 595 595 <div class="<?php echo $val == 'exist' ? 'wpaa-default-permission ' : ''; ?> wpaa-permission dashicons-before dashicons-edit" title="<?php esc_attr_e( 'Who can read', 'wp-access-areas' ); ?>"> 596 <?php e sc_html_e( $names[ $val ] ); ?>596 <?php echo esc_html( $names[ $val ] ); ?> 597 597 </div> 598 598 <?php -
wp-access-areas/tags/1.5.21/inc/class-wpaa_install.php
r2518251 r3362334 103 103 ); 104 104 foreach ( $cols as $idx => $col ) { 105 $c = $wpdb->get_results( "SHOW COLUMNS FROM $wpdb->posts LIKE '$col'" ); 105 $c = $wpdb->get_results( "SHOW COLUMNS FROM $wpdb->posts LIKE '$col'" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 106 106 if ( empty( $c ) ) { 107 $wpdb->query( "ALTER TABLE $wpdb->posts ADD COLUMN $col varchar(128) NOT NULL DEFAULT 'exist' AFTER `post_status`;" ); 108 } 109 110 $i = $wpdb->query( "SHOW INDEX FROM $wpdb->posts WHERE Key_name = '$idx'" ); 107 $wpdb->query( "ALTER TABLE $wpdb->posts ADD COLUMN $col varchar(128) NOT NULL DEFAULT 'exist' AFTER `post_status`;" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 108 } 109 110 $i = $wpdb->query( "SHOW INDEX FROM $wpdb->posts WHERE Key_name = '$idx'" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 111 111 if ( empty( $i ) ) { 112 $wpdb->query( "ALTER TABLE $wpdb->posts ADD INDEX `$idx` (`$col`);" ); 112 $wpdb->query( "ALTER TABLE $wpdb->posts ADD INDEX `$idx` (`$col`);" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 113 113 } 114 114 } … … 123 123 ); 124 124 foreach ( $cols as $idx => $col ) { 125 $c = $wpdb->get_results( "SHOW COLUMNS FROM $wpdb->posts LIKE '$col'" ); 125 $c = $wpdb->get_results( "SHOW COLUMNS FROM $wpdb->posts LIKE '$col'" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 126 126 if ( ! empty( $c ) ) { 127 $wpdb->query( "ALTER TABLE $wpdb->posts DROP COLUMN $col;" ); 128 } 129 130 $i = $wpdb->query( "SHOW INDEX FROM $wpdb->posts WHERE Key_name = '$idx'" ); 127 $wpdb->query( "ALTER TABLE $wpdb->posts DROP COLUMN $col;" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 128 } 129 130 $i = $wpdb->query( "SHOW INDEX FROM $wpdb->posts WHERE Key_name = '$idx'" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 131 131 if ( ! empty( $i ) ) { 132 $wpdb->query( "ALTER TABLE $wpdb->posts DROP INDEX ('$idx');" ); 132 $wpdb->query( "ALTER TABLE $wpdb->posts DROP INDEX ('$idx');" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 133 133 } 134 134 } … … 211 211 212 212 $usermeta = $wpdb->get_results( $wpdb->prepare( 213 "SELECT * FROM $wpdb->usermeta WHERE meta_key LIKE '{$wpdb->base_prefix}%capabilities' AND meta_value LIKE %s", 213 // TODO test escaping 214 "SELECT * FROM $wpdb->usermeta WHERE meta_key LIKE %s AND meta_value LIKE %s", // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 215 $wpdb->esc_like( WPUND_USERLABEL_PREFIX ) . '%' . $wpdb->esc_like( 'capabilities' ), 214 216 '%' . $wpdb->esc_like( WPUND_USERLABEL_PREFIX ) . '%' 215 217 ) ); -
wp-access-areas/tags/1.5.21/inc/class-wpaa_posts.php
r2239939 r3362334 169 169 170 170 // taken from wp_count_comments 171 $count = $wpdb->get_results( "SELECT comment_approved, COUNT( * ) AS num_comments FROM {$wpdb->comments} {$join} {$where} GROUP BY comment_approved", ARRAY_A ); 171 $count = $wpdb->get_results( "SELECT comment_approved, COUNT( * ) AS num_comments FROM {$wpdb->comments} {$join} {$where} GROUP BY comment_approved", ARRAY_A ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 172 172 173 173 $total = 0; … … 281 281 public static function skip_undisclosed_items( $items ) { 282 282 // everything's fine - return. 283 if ( current_user_can( 'administrator' ) ) { 283 if ( current_user_can( 'administrator' ) ) { // phpcs:ignore WordPress.WP.Capabilities.RoleFound 284 284 return $items; 285 285 } … … 322 322 global $wpdb, $wp_query; 323 323 // disable filtering: on queries for single posts/pages and for single blog administrators 324 if ( ( isset( $wp_query ) && is_singular() && preg_match( "/{$wpdb->posts}.(post_name|ID)\s?=/", $where ) ) || ( ! is_multisite() && current_user_can( 'administrator' ) ) ) { 324 if ( ( isset( $wp_query ) && is_singular() && preg_match( "/{$wpdb->posts}.(post_name|ID)\s?=/", $where ) ) || ( ! is_multisite() && current_user_can( 'administrator' ) ) ) { // phpcs:ignore WordPress.WP.Capabilities.RoleFound 325 325 return $where; 326 326 } … … 359 359 360 360 $add_where = $wpdb->prepare( 361 " {$table_name}post_view_cap IN (" . implode( ',', $fmt ) . ")", 361 " {$table_name}post_view_cap IN (" . implode( ',', $fmt ) . ")", // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared 362 362 ...$caps 363 363 ); -
wp-access-areas/tags/1.5.21/inc/class-wpaa_settings.php
r3233303 r3362334 38 38 add_action( 'admin_notices', array( __CLASS__, 'selftest' ) ); 39 39 40 if ( isset( $_GET['action'] ) && wp_unslash( $_GET['action'] ) === 'wpaa-selfrepair' ) { 40 if ( isset( $_GET['action'] ) && wp_unslash( $_GET['action'] ) === 'wpaa-selfrepair' ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized 41 41 add_action( 'admin_init', array( __CLASS__, 'selfrepair' ) ); 42 42 } … … 239 239 foreach ( array( 'thead', 'tfoot' ) as $tag ) { 240 240 ?> 241 <<?php echo $tag; ?>>241 <<?php echo $tag; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>> 242 242 <tr> 243 243 <th class="manage-column"> … … 257 257 </th> 258 258 </tr> 259 </<?php echo $tag; ?>>259 </<?php echo $tag; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>> 260 260 <?php 261 261 } … … 278 278 <tr class="post-select <?php echo $alternate ? 'alternate' : ''; ?>"> 279 279 <th> 280 <?php esc_html_e( $post_type_object->labels->name ); ?>280 <?php echo esc_html( $post_type_object->labels->name ); ?> 281 281 </th> 282 282 <td> … … 352 352 ?> 353 353 <th class="manage-column"> 354 <?php esc_html_e( $label ); ?>354 <?php echo esc_html( $label ); ?> 355 355 <br /> 356 <code><small><?php e sc_html_e( $cap ); ?></small></code>356 <code><small><?php echo esc_html( $cap ); ?></small></code> 357 357 </th> 358 358 <?php … … 376 376 <tr class="role-select <?php echo $alternate ? 'alternate' : ''; ?>"> 377 377 <th> 378 <?php 379 esc_html_e( translate_user_role( $role_details['name'] ) ); 380 ?> 378 <?php echo esc_html( translate_user_role( $role_details['name'] ) ); ?> 381 379 </th> 382 380 <?php … … 394 392 } else { 395 393 ?> 396 <button name="grant_cap[<?php e sc_attr_e( $role_slug ); ?>]" value="<?php esc_attr_e( $cap ); ?>" type="submit" class="button-primary" />394 <button name="grant_cap[<?php echo esc_attr( $role_slug ); ?>]" value="<?php echo esc_attr( $cap ); ?>" type="submit" class="button-primary" /> 397 395 <?php esc_html_e( 'Allow', 'wp-access-areas' ); ?> 398 396 </button> … … 491 489 foreach ( self::get_post_stati() as $post_status => $status_obj ) { 492 490 ?> 493 <option value="<?php e sc_attr_e( $post_status ); ?>" <?php selected( $default_post_status, $post_status, true ); ?>>494 <?php e sc_html_e( $status_obj->label ); ?>491 <option value="<?php echo esc_attr( $post_status ); ?>" <?php selected( $default_post_status, $post_status, true ); ?>> 492 <?php echo esc_html( $status_obj->label ); ?> 495 493 </option> 496 494 <?php -
wp-access-areas/tags/1.5.21/inc/class-wpaa_template.php
r3233303 r3362334 49 49 } 50 50 ?> 51 <option value="<?php e sc_attr_e( $role ); ?>" <?php selected( $selected_cap, $role ); ?>>51 <option value="<?php echo esc_attr( $role ); ?>" <?php selected( $selected_cap, $role ); ?>> 52 52 <?php echo esc_html( $rolename ); ?> 53 53 </option> … … 68 68 <option value="<?php echo esc_attr( $group_cap ); ?>" <?php selected( $selected_cap, $group_cap ); ?>> 69 69 <?php 70 e sc_html_e( $group['title'], 'wp-access-areas');70 echo esc_html( $group['title'] ); 71 71 echo $group['global'] ? ' ' . esc_html__( '(Network)', 'wp-access-areas' ) : ''; 72 72 ?> … … 137 137 ?> 138 138 <label for="wpaa-view-post-behavior-<?php echo sanitize_key( $value ); ?>"> 139 <input name="<?php e sc_attr_e( $fieldname ); ?>" <?php checked( $value, $post_behavior ); ?> class="wpaa-post-behavior" id="wpaa-view-post-behavior-<?php echo sanitize_key( $value ); ?>" value="<?php esc_attr_e( $value ); ?>" type="radio" />140 <?php e sc_html_e( $label ); ?>139 <input name="<?php echo esc_attr( $fieldname ); ?>" <?php checked( $value, $post_behavior ); ?> class="wpaa-post-behavior" id="wpaa-view-post-behavior-<?php echo sanitize_key( $value ); ?>" value="<?php echo esc_attr( $value ); ?>" type="radio" /> 140 <?php echo esc_html( $label ); ?> 141 141 <br /> 142 142 </label> -
wp-access-areas/tags/1.5.21/inc/class-wpaa_users.php
r3233303 r3362334 16 16 if ( is_admin() ) { 17 17 add_action( 'admin_init', array( __CLASS__, 'admin_init' ) ); 18 if ( is_accessareas_active_for_network() ) {18 if ( wpaa_is_active_for_network() ) { 19 19 add_filter( 'wpmu_users_columns', array( __CLASS__, 'add_userlabels_column' ) ); 20 20 } … … 332 332 public static function personal_options( $profileuser ) { 333 333 // IS_PROFILE_PAGE : self or other 334 if ( ! current_user_can( 'promote_users' ) || ( is_network_admin() && ! is_accessareas_active_for_network() ) ) {334 if ( ! current_user_can( 'promote_users' ) || ( is_network_admin() && ! wpaa_is_active_for_network() ) ) { 335 335 return; 336 336 } … … 353 353 ); 354 354 } 355 if ( ( is_network_admin() || is_super_admin() ) && is_accessareas_active_for_network() ) {355 if ( ( is_network_admin() || is_super_admin() ) && wpaa_is_active_for_network() ) { 356 356 $labelrows[ __( 'Grant Network-Wide Access', 'wp-access-areas' ) ] = array( 357 357 'network' => true, … … 428 428 '<label for="%s">%s</label>', 429 429 esc_attr( $id ), 430 esc_html __( $label->cap_title )430 esc_html( $label->cap_title ) 431 431 ); 432 432 … … 442 442 <input type="hidden" name="blog_id" value="<?php echo intval( $blog_id ); ?>" /> 443 443 <input class="cap-add" type="text" name="cap_title" placeholder="<?php esc_attr_e( 'Add New', 'wp-access-areas' ); ?>" /> 444 <button href="#" class="cap-add-submit button" disabled data-nonce="<?php e sc_attr_e( wp_create_nonce( 'userlabel-new' ) ); ?>">444 <button href="#" class="cap-add-submit button" disabled data-nonce="<?php echo esc_attr( wp_create_nonce( 'userlabel-new' ) ); ?>"> 445 445 <span class=" dashicons dashicons-plus"></span> 446 446 <span class="screen-reader-text"> … … 465 465 $ret = ''; 466 466 $ret .= self::_listtable_label_select( WPAA_AccessArea::get_blog_userlabels(), $current_label ); 467 if ( is_accessareas_active_for_network() ) {467 if ( wpaa_is_active_for_network() ) { 468 468 $ret .= self::_listtable_label_select( WPAA_AccessArea::get_network_userlabels(), $current_label, true ); 469 469 } … … 492 492 493 493 private static function _label_select_all( $name, $first_element_label = false, $echo = false ) { 494 $network = is_accessareas_active_for_network();494 $network = wpaa_is_active_for_network(); 495 495 $ret = ''; 496 496 $ret .= '<select name="' . $name . '">'; -
wp-access-areas/tags/1.5.21/inc/wpaa_roles.php
r2232646 r3362334 95 95 96 96 // always true for administrators on local caps 97 if ( wpaa_is_local_cap( $cap ) && current_user_can( 'administrator' ) || is_super_admin() ) { 97 if ( wpaa_is_local_cap( $cap ) && current_user_can( 'administrator' ) || is_super_admin() ) { // phpcs:ignore WordPress.WP.Capabilities.RoleFound 98 98 $can = true; 99 99 } else { -
wp-access-areas/tags/1.5.21/languages/wp-access-areas-it_IT.po
r1408124 r3362334 1 1 msgid "" 2 2 msgstr "" 3 "Project-Id-Version: WordPress Access Areas v1.2.1\n"3 "Project-Id-Version: Access Areas for WordPress v1.2.1\n" 4 4 "Report-Msgid-Bugs-To: \n" 5 5 "POT-Creation-Date: 2016-04-30 11:31+0100\n" -
wp-access-areas/tags/1.5.21/languages/wp-access-areas-pl_PL.po
r1408124 r3362334 1 1 msgid "" 2 2 msgstr "" 3 "Project-Id-Version: WordPress Access Areas v1.2.7\n"3 "Project-Id-Version: Access Areas for WordPress v1.2.7\n" 4 4 "Report-Msgid-Bugs-To: \n" 5 5 "POT-Creation-Date: 2016-04-30 11:31+0100\n" … … 504 504 505 505 # @ wp-access-areas 506 #~ msgid " WordPress Access Areas"506 #~ msgid "Access Areas for WordPress" 507 507 #~ msgstr "Obszary dostępu Wordpress" 508 508 -
wp-access-areas/tags/1.5.21/languages/wp-access-areas-sv_SE.po
r1408124 r3362334 1 1 msgid "" 2 2 msgstr "" 3 "Project-Id-Version: WordPress Access Areas v1.2.5\n"3 "Project-Id-Version: Access Areas for WordPress v1.2.5\n" 4 4 "Report-Msgid-Bugs-To: \n" 5 5 "POT-Creation-Date: 2016-04-30 11:32+0100\n" … … 502 502 503 503 # @ wp-access-areas 504 #~ msgid " WordPress Access Areas"504 #~ msgid "Access Areas for WordPress" 505 505 #~ msgstr "Användarzoner" 506 506 -
wp-access-areas/tags/1.5.21/languages/wp-access-areas.pot
r3233303 r3362334 1 1 # Copyright (C) 2025 Jörn Lund 2 # This file is distributed under the same license as the WordPress Access Areas plugin.2 # This file is distributed under the same license as the Access Areas for WordPress plugin. 3 3 msgid "" 4 4 msgstr "" 5 "Project-Id-Version: WordPress Access Areas 1.5.20\n"5 "Project-Id-Version: Access Areas for WordPress 1.5.21\n" 6 6 "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/wp-access-areas\n" 7 7 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" … … 10 10 "Content-Type: text/plain; charset=UTF-8\n" 11 11 "Content-Transfer-Encoding: 8bit\n" 12 "POT-Creation-Date: 2025-0 2-02T09:25:18+00:00\n"12 "POT-Creation-Date: 2025-09-16T10:43:43+02:00\n" 13 13 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" 14 "X-Generator: WP-CLI 2.1 1.0\n"14 "X-Generator: WP-CLI 2.12.0\n" 15 15 "X-Domain: wp-access-areas\n" 16 16 17 17 #. Plugin Name of the plugin 18 18 #: wp-access-areas.php 19 msgid " WordPress Access Areas"19 msgid "Access Areas for WordPress" 20 20 msgstr "" 21 21 … … 54 54 #: inc/class-accessareas_list_table.php:83 55 55 #: inc/class-accessareas_list_table.php:105 56 #: inc/class-accessareas_list_table.php:16 356 #: inc/class-accessareas_list_table.php:165 57 57 msgid "Delete" 58 58 msgstr "" … … 167 167 168 168 #: inc/class-wpaa_editpost.php:366 169 #: inc/class-wpaa_settings.php:44 5169 #: inc/class-wpaa_settings.php:443 170 170 msgid "If somebody tries to view a restricted post directly:" 171 171 msgstr "" … … 313 313 msgstr "" 314 314 315 #: inc/class-wpaa_settings.php:3 91315 #: inc/class-wpaa_settings.php:389 316 316 msgid "Forbid" 317 317 msgstr "" 318 318 319 #: inc/class-wpaa_settings.php:39 7319 #: inc/class-wpaa_settings.php:395 320 320 msgid "Allow" 321 321 msgstr "" 322 322 323 #: inc/class-wpaa_settings.php:41 6323 #: inc/class-wpaa_settings.php:414 324 324 msgid "If you are running a role editor plugin such as <a href=\"https://wordpress.org/plugins/user-role-editor/\">User Role editor by Vladimir Garagulya</a> or <a href=\"https://wordpress.org/plugins/wpfront-user-role-editor/\">WPFront User Role Editor by Syam Mohan</a> you can do the same as here by assigning the custom capabilites <code>wpaa_set_view_cap</code>, <code>wpaa_set_edit_cap</code> and <code>wpaa_set_comment_cap</code>." 325 325 msgstr "" 326 326 327 #: inc/class-wpaa_settings.php:4 21327 #: inc/class-wpaa_settings.php:419 328 328 msgid "By disabling the role capabilities feature you will allow everybody who can at least publish a post to edit the access properties as well." 329 329 msgstr "" 330 330 331 #: inc/class-wpaa_settings.php:42 5331 #: inc/class-wpaa_settings.php:423 332 332 msgid "Disable Role Capabilities" 333 333 msgstr "" 334 334 335 #: inc/class-wpaa_settings.php:43 2335 #: inc/class-wpaa_settings.php:430 336 336 msgid "By default everybody who can publish an entry can also edit the access properties such as ‘Who can view’ or ‘Who can edit’.<br /> If this is too generous for you then click on the button below." 337 337 msgstr "" 338 338 339 #: inc/class-wpaa_settings.php:43 6339 #: inc/class-wpaa_settings.php:434 340 340 msgid "Enable Role Capabilities" 341 341 msgstr "" 342 342 343 #: inc/class-wpaa_settings.php:48 8343 #: inc/class-wpaa_settings.php:486 344 344 msgid "Don‘t change" 345 345 msgstr "" 346 346 347 #: inc/class-wpaa_settings.php:50 2347 #: inc/class-wpaa_settings.php:500 348 348 msgid "Set post status of assigned posts after an Access Area has been deleted." 349 349 msgstr "" -
wp-access-areas/tags/1.5.21/wp-access-areas.php
r3233303 r3362334 6 6 7 7 /* 8 Plugin Name: WordPress Access Areas8 Plugin Name: Access Areas for WordPress 9 9 Plugin URI: http://wordpress.org/plugins/wp-access-areas/ 10 10 Description: Lets you define Access Areas and assign them to Posts, Pages and Custom Post types. Through Access Areas you can fine-tune who can view, edit or comment on your posts. 11 11 Author: Jörn Lund 12 Version: 1.5.2 012 Version: 1.5.21 13 13 Author URI: https://github.com/mcguffin/ 14 14 Text Domain: wp-access-areas … … 31 31 define( 'WPUND_GLOBAL_USERMETA_KEY', "undisclosed_global_capabilities" ); 32 32 33 function is_accessareas_active_for_network() {33 function wpaa_is_active_for_network() { 34 34 if ( ! is_multisite() ) { 35 35 return false; -
wp-access-areas/trunk/.wp-release-info.json
r3233303 r3362334 2 2 "id": "https://github.com/mcguffin/wp-access-areas/raw/master/.wp-release-info.json", 3 3 "slug": "wp-access-areas", 4 "version": "1.5.2 0",4 "version": "1.5.21", 5 5 "url": "http://wordpress.org/plugins/wp-access-areas/", 6 "package": "https://github.com/mcguffin/wp-access-areas/releases/download/1.5.2 0/wp-access-areas.zip",6 "package": "https://github.com/mcguffin/wp-access-areas/releases/download/1.5.21/wp-access-areas.zip", 7 7 "tested": "6.0", 8 8 "requires_php": "5.6" -
wp-access-areas/trunk/README.txt
r3233303 r3362334 1 === WordPress Access Areas ===1 === Access Areas for WordPress === 2 2 Contributors: podpirate 3 3 Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=WF4Z3HU93XYJA … … 6 6 Requires PHP: 5.6 7 7 Tested up to: 6.0 8 Stable tag: 1.5.2 08 Stable tag: 1.5.21 9 9 License: GPLv2 or later 10 10 License URI: http://www.gnu.org/licenses/gpl-2.0.html … … 93 93 94 94 == Changelog == 95 96 = 1.5.21 = 97 - Rename Plugin from "WordPress Access Areas" to "Access Areas for WordPress". 95 98 96 99 = 1.5.20 = -
wp-access-areas/trunk/inc/class-accessareas_list_table.php
r3233303 r3362334 130 130 131 131 if ( isset( $_REQUEST['orderby'] ) ) { 132 $orderby = wp_unslash( $_REQUEST['orderby'] ); 132 // santized later 133 $orderby = wp_unslash( $_REQUEST['orderby'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized 133 134 } 134 135 135 136 if ( isset( $_REQUEST['order'] ) ) { 136 $order = wp_unslash( $_REQUEST['order'] ); 137 // santized later 138 $order = wp_unslash( $_REQUEST['order'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized 137 139 } 138 140 // sanitized here 139 141 $order_sql = sanitize_sql_orderby( "{$orderby} {$order}" ); 140 142 -
wp-access-areas/trunk/inc/class-wpaa_accessarea.php
r2518251 r3362334 31 31 32 32 $blog_id_in = array(); 33 if ( ! is_multisite() || is_accessareas_active_for_network() ) {33 if ( ! is_multisite() || wpaa_is_active_for_network() ) { 34 34 $blog_id_in[0] = '%d'; 35 35 } … … 55 55 if ( count( $blog_id_in ) ) { 56 56 $args = array_keys( $blog_id_in ); 57 $query = $wpdb->prepare( $query, ...$args ); 57 $query = $wpdb->prepare( $query, ...$args ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared 58 58 } 59 59 … … 70 70 $query .= " ORDER BY $sql_orderby"; 71 71 } 72 $query = $wpdb->prepare( $query, $blog_id ); 72 $query = $wpdb->prepare( $query, $blog_id ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared 73 73 return self::_get_cached_result( $query ); 74 74 } … … 131 131 '%' . $wpdb->esc_like( WPUND_USERLABEL_PREFIX ) . '%' 132 132 ); 133 $usermeta = $wpdb->get_results( $query ); 133 $usermeta = $wpdb->get_results( $query ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared 134 134 135 135 foreach ( $usermeta as $meta ) { -
wp-access-areas/trunk/inc/class-wpaa_caps.php
r3233303 r3362334 17 17 if ( is_admin() ) { 18 18 add_action( 'admin_menu', array( __CLASS__, 'user_menu' ) ); 19 if ( is_accessareas_active_for_network() ) {19 if ( wpaa_is_active_for_network() ) { 20 20 add_action( 'network_admin_menu', array( __CLASS__, 'user_menu' ) ); 21 21 } … … 37 37 $action = -1; 38 38 if ( isset( $_REQUEST['action'] ) && intval( $_REQUEST['action'] ) !== -1 ) { 39 $action = wp_unslash( $_REQUEST['action']);39 $action = sanitize_key(wp_unslash( $_REQUEST['action'] )); 40 40 } 41 41 if ( isset( $_REQUEST['action2'] ) && intval( $_REQUEST['action2'] ) !== -1 ) { 42 $action = wp_unslash( $_REQUEST['action2']);43 } 44 $action = sanitize_key( $action );42 $action = sanitize_key(wp_unslash( $_REQUEST['action2'] )); 43 } 44 // $action = sanitize_key( $action ); 45 45 return $action; 46 46 } … … 252 252 </th> 253 253 <td> 254 <input class="regular-text" maxlength="64" type="text" name="cap_title" value="<?php e sc_attr_e( $cap_title ); ?>" id="cap_title" placeholder="<?php esc_attr_e( 'New Access Area', 'wp-access-areas' ); ?>" autocomplete="off" />254 <input class="regular-text" maxlength="64" type="text" name="cap_title" value="<?php echo esc_attr( $cap_title ); ?>" id="cap_title" placeholder="<?php esc_attr_e( 'New Access Area', 'wp-access-areas' ); ?>" autocomplete="off" /> 255 255 </td> 256 256 </tr> … … 292 292 } 293 293 /* translators: %d number of deleted items */ 294 $message = sprintf( _n( 'Access Area deleted.', '%d Access Areas deleted.', $deleted, 'wp-access-areas' ), $deleted ); 294 $message = sprintf( _n( 'Access Area deleted.', '%d Access Areas deleted.', $deleted, 'wp-access-areas' ), $deleted ); // phpcs:ignore WordPress.WP.I18n.MissingSingularPlaceholder 295 295 break; 296 296 case 4: // exists -
wp-access-areas/trunk/inc/class-wpaa_core.php
r2236440 r3362334 8 8 9 9 // ---------------------------------------- 10 // This class initializes the WordPress Access Areas plugin.10 // This class initializes the Access Areas for WordPress plugin. 11 11 // (As of version 1.0 it only loads an apropriate plugin textdomain for translation readyness.) 12 12 // ---------------------------------------- -
wp-access-areas/trunk/inc/class-wpaa_editpost.php
r2720192 r3362334 353 353 354 354 ?> 355 <div class="wpaa-select-behaviour<?php e sc_attr_e( $is_custom ? ' custom' : '' ); ?>">355 <div class="wpaa-select-behaviour<?php echo esc_attr( $is_custom ? ' custom' : '' ); ?>"> 356 356 <div class="misc-pub-section"> 357 357 <label for="wpaa_enable_custom_behaviour"> … … 576 576 ?> 577 577 <div class="<?php echo $val == 'exist' ? 'wpaa-default-permission ' : ''; ?> wpaa-permission dashicons-before dashicons-visibility" title="<?php esc_attr_e( 'Who can read', 'wp-access-areas' ); ?>"> 578 <?php e sc_html_e( $names[ $val ] ); ?>578 <?php echo esc_html( $names[ $val ] ); ?> 579 579 </div> 580 580 <?php … … 585 585 ?> 586 586 <div class="<?php echo $val == 'exist' ? 'wpaa-default-permission ' : ''; ?> wpaa-permission dashicons-before dashicons-admin-comments" title="<?php esc_attr_e( 'Who can comment', 'wp-access-areas' ); ?>"> 587 <?php e sc_html_e( $names[ $val ] ); ?>587 <?php echo esc_html( $names[ $val ] ); ?> 588 588 </div> 589 589 <?php … … 594 594 ?> 595 595 <div class="<?php echo $val == 'exist' ? 'wpaa-default-permission ' : ''; ?> wpaa-permission dashicons-before dashicons-edit" title="<?php esc_attr_e( 'Who can read', 'wp-access-areas' ); ?>"> 596 <?php e sc_html_e( $names[ $val ] ); ?>596 <?php echo esc_html( $names[ $val ] ); ?> 597 597 </div> 598 598 <?php -
wp-access-areas/trunk/inc/class-wpaa_install.php
r2518251 r3362334 103 103 ); 104 104 foreach ( $cols as $idx => $col ) { 105 $c = $wpdb->get_results( "SHOW COLUMNS FROM $wpdb->posts LIKE '$col'" ); 105 $c = $wpdb->get_results( "SHOW COLUMNS FROM $wpdb->posts LIKE '$col'" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 106 106 if ( empty( $c ) ) { 107 $wpdb->query( "ALTER TABLE $wpdb->posts ADD COLUMN $col varchar(128) NOT NULL DEFAULT 'exist' AFTER `post_status`;" ); 108 } 109 110 $i = $wpdb->query( "SHOW INDEX FROM $wpdb->posts WHERE Key_name = '$idx'" ); 107 $wpdb->query( "ALTER TABLE $wpdb->posts ADD COLUMN $col varchar(128) NOT NULL DEFAULT 'exist' AFTER `post_status`;" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 108 } 109 110 $i = $wpdb->query( "SHOW INDEX FROM $wpdb->posts WHERE Key_name = '$idx'" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 111 111 if ( empty( $i ) ) { 112 $wpdb->query( "ALTER TABLE $wpdb->posts ADD INDEX `$idx` (`$col`);" ); 112 $wpdb->query( "ALTER TABLE $wpdb->posts ADD INDEX `$idx` (`$col`);" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 113 113 } 114 114 } … … 123 123 ); 124 124 foreach ( $cols as $idx => $col ) { 125 $c = $wpdb->get_results( "SHOW COLUMNS FROM $wpdb->posts LIKE '$col'" ); 125 $c = $wpdb->get_results( "SHOW COLUMNS FROM $wpdb->posts LIKE '$col'" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 126 126 if ( ! empty( $c ) ) { 127 $wpdb->query( "ALTER TABLE $wpdb->posts DROP COLUMN $col;" ); 128 } 129 130 $i = $wpdb->query( "SHOW INDEX FROM $wpdb->posts WHERE Key_name = '$idx'" ); 127 $wpdb->query( "ALTER TABLE $wpdb->posts DROP COLUMN $col;" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 128 } 129 130 $i = $wpdb->query( "SHOW INDEX FROM $wpdb->posts WHERE Key_name = '$idx'" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 131 131 if ( ! empty( $i ) ) { 132 $wpdb->query( "ALTER TABLE $wpdb->posts DROP INDEX ('$idx');" ); 132 $wpdb->query( "ALTER TABLE $wpdb->posts DROP INDEX ('$idx');" ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 133 133 } 134 134 } … … 211 211 212 212 $usermeta = $wpdb->get_results( $wpdb->prepare( 213 "SELECT * FROM $wpdb->usermeta WHERE meta_key LIKE '{$wpdb->base_prefix}%capabilities' AND meta_value LIKE %s", 213 // TODO test escaping 214 "SELECT * FROM $wpdb->usermeta WHERE meta_key LIKE %s AND meta_value LIKE %s", // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 215 $wpdb->esc_like( WPUND_USERLABEL_PREFIX ) . '%' . $wpdb->esc_like( 'capabilities' ), 214 216 '%' . $wpdb->esc_like( WPUND_USERLABEL_PREFIX ) . '%' 215 217 ) ); -
wp-access-areas/trunk/inc/class-wpaa_posts.php
r2239939 r3362334 169 169 170 170 // taken from wp_count_comments 171 $count = $wpdb->get_results( "SELECT comment_approved, COUNT( * ) AS num_comments FROM {$wpdb->comments} {$join} {$where} GROUP BY comment_approved", ARRAY_A ); 171 $count = $wpdb->get_results( "SELECT comment_approved, COUNT( * ) AS num_comments FROM {$wpdb->comments} {$join} {$where} GROUP BY comment_approved", ARRAY_A ); // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 172 172 173 173 $total = 0; … … 281 281 public static function skip_undisclosed_items( $items ) { 282 282 // everything's fine - return. 283 if ( current_user_can( 'administrator' ) ) { 283 if ( current_user_can( 'administrator' ) ) { // phpcs:ignore WordPress.WP.Capabilities.RoleFound 284 284 return $items; 285 285 } … … 322 322 global $wpdb, $wp_query; 323 323 // disable filtering: on queries for single posts/pages and for single blog administrators 324 if ( ( isset( $wp_query ) && is_singular() && preg_match( "/{$wpdb->posts}.(post_name|ID)\s?=/", $where ) ) || ( ! is_multisite() && current_user_can( 'administrator' ) ) ) { 324 if ( ( isset( $wp_query ) && is_singular() && preg_match( "/{$wpdb->posts}.(post_name|ID)\s?=/", $where ) ) || ( ! is_multisite() && current_user_can( 'administrator' ) ) ) { // phpcs:ignore WordPress.WP.Capabilities.RoleFound 325 325 return $where; 326 326 } … … 359 359 360 360 $add_where = $wpdb->prepare( 361 " {$table_name}post_view_cap IN (" . implode( ',', $fmt ) . ")", 361 " {$table_name}post_view_cap IN (" . implode( ',', $fmt ) . ")", // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared 362 362 ...$caps 363 363 ); -
wp-access-areas/trunk/inc/class-wpaa_settings.php
r3233303 r3362334 38 38 add_action( 'admin_notices', array( __CLASS__, 'selftest' ) ); 39 39 40 if ( isset( $_GET['action'] ) && wp_unslash( $_GET['action'] ) === 'wpaa-selfrepair' ) { 40 if ( isset( $_GET['action'] ) && wp_unslash( $_GET['action'] ) === 'wpaa-selfrepair' ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized 41 41 add_action( 'admin_init', array( __CLASS__, 'selfrepair' ) ); 42 42 } … … 239 239 foreach ( array( 'thead', 'tfoot' ) as $tag ) { 240 240 ?> 241 <<?php echo $tag; ?>>241 <<?php echo $tag; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>> 242 242 <tr> 243 243 <th class="manage-column"> … … 257 257 </th> 258 258 </tr> 259 </<?php echo $tag; ?>>259 </<?php echo $tag; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>> 260 260 <?php 261 261 } … … 278 278 <tr class="post-select <?php echo $alternate ? 'alternate' : ''; ?>"> 279 279 <th> 280 <?php esc_html_e( $post_type_object->labels->name ); ?>280 <?php echo esc_html( $post_type_object->labels->name ); ?> 281 281 </th> 282 282 <td> … … 352 352 ?> 353 353 <th class="manage-column"> 354 <?php esc_html_e( $label ); ?>354 <?php echo esc_html( $label ); ?> 355 355 <br /> 356 <code><small><?php e sc_html_e( $cap ); ?></small></code>356 <code><small><?php echo esc_html( $cap ); ?></small></code> 357 357 </th> 358 358 <?php … … 376 376 <tr class="role-select <?php echo $alternate ? 'alternate' : ''; ?>"> 377 377 <th> 378 <?php 379 esc_html_e( translate_user_role( $role_details['name'] ) ); 380 ?> 378 <?php echo esc_html( translate_user_role( $role_details['name'] ) ); ?> 381 379 </th> 382 380 <?php … … 394 392 } else { 395 393 ?> 396 <button name="grant_cap[<?php e sc_attr_e( $role_slug ); ?>]" value="<?php esc_attr_e( $cap ); ?>" type="submit" class="button-primary" />394 <button name="grant_cap[<?php echo esc_attr( $role_slug ); ?>]" value="<?php echo esc_attr( $cap ); ?>" type="submit" class="button-primary" /> 397 395 <?php esc_html_e( 'Allow', 'wp-access-areas' ); ?> 398 396 </button> … … 491 489 foreach ( self::get_post_stati() as $post_status => $status_obj ) { 492 490 ?> 493 <option value="<?php e sc_attr_e( $post_status ); ?>" <?php selected( $default_post_status, $post_status, true ); ?>>494 <?php e sc_html_e( $status_obj->label ); ?>491 <option value="<?php echo esc_attr( $post_status ); ?>" <?php selected( $default_post_status, $post_status, true ); ?>> 492 <?php echo esc_html( $status_obj->label ); ?> 495 493 </option> 496 494 <?php -
wp-access-areas/trunk/inc/class-wpaa_template.php
r3233303 r3362334 49 49 } 50 50 ?> 51 <option value="<?php e sc_attr_e( $role ); ?>" <?php selected( $selected_cap, $role ); ?>>51 <option value="<?php echo esc_attr( $role ); ?>" <?php selected( $selected_cap, $role ); ?>> 52 52 <?php echo esc_html( $rolename ); ?> 53 53 </option> … … 68 68 <option value="<?php echo esc_attr( $group_cap ); ?>" <?php selected( $selected_cap, $group_cap ); ?>> 69 69 <?php 70 e sc_html_e( $group['title'], 'wp-access-areas');70 echo esc_html( $group['title'] ); 71 71 echo $group['global'] ? ' ' . esc_html__( '(Network)', 'wp-access-areas' ) : ''; 72 72 ?> … … 137 137 ?> 138 138 <label for="wpaa-view-post-behavior-<?php echo sanitize_key( $value ); ?>"> 139 <input name="<?php e sc_attr_e( $fieldname ); ?>" <?php checked( $value, $post_behavior ); ?> class="wpaa-post-behavior" id="wpaa-view-post-behavior-<?php echo sanitize_key( $value ); ?>" value="<?php esc_attr_e( $value ); ?>" type="radio" />140 <?php e sc_html_e( $label ); ?>139 <input name="<?php echo esc_attr( $fieldname ); ?>" <?php checked( $value, $post_behavior ); ?> class="wpaa-post-behavior" id="wpaa-view-post-behavior-<?php echo sanitize_key( $value ); ?>" value="<?php echo esc_attr( $value ); ?>" type="radio" /> 140 <?php echo esc_html( $label ); ?> 141 141 <br /> 142 142 </label> -
wp-access-areas/trunk/inc/class-wpaa_users.php
r3233303 r3362334 16 16 if ( is_admin() ) { 17 17 add_action( 'admin_init', array( __CLASS__, 'admin_init' ) ); 18 if ( is_accessareas_active_for_network() ) {18 if ( wpaa_is_active_for_network() ) { 19 19 add_filter( 'wpmu_users_columns', array( __CLASS__, 'add_userlabels_column' ) ); 20 20 } … … 332 332 public static function personal_options( $profileuser ) { 333 333 // IS_PROFILE_PAGE : self or other 334 if ( ! current_user_can( 'promote_users' ) || ( is_network_admin() && ! is_accessareas_active_for_network() ) ) {334 if ( ! current_user_can( 'promote_users' ) || ( is_network_admin() && ! wpaa_is_active_for_network() ) ) { 335 335 return; 336 336 } … … 353 353 ); 354 354 } 355 if ( ( is_network_admin() || is_super_admin() ) && is_accessareas_active_for_network() ) {355 if ( ( is_network_admin() || is_super_admin() ) && wpaa_is_active_for_network() ) { 356 356 $labelrows[ __( 'Grant Network-Wide Access', 'wp-access-areas' ) ] = array( 357 357 'network' => true, … … 428 428 '<label for="%s">%s</label>', 429 429 esc_attr( $id ), 430 esc_html __( $label->cap_title )430 esc_html( $label->cap_title ) 431 431 ); 432 432 … … 442 442 <input type="hidden" name="blog_id" value="<?php echo intval( $blog_id ); ?>" /> 443 443 <input class="cap-add" type="text" name="cap_title" placeholder="<?php esc_attr_e( 'Add New', 'wp-access-areas' ); ?>" /> 444 <button href="#" class="cap-add-submit button" disabled data-nonce="<?php e sc_attr_e( wp_create_nonce( 'userlabel-new' ) ); ?>">444 <button href="#" class="cap-add-submit button" disabled data-nonce="<?php echo esc_attr( wp_create_nonce( 'userlabel-new' ) ); ?>"> 445 445 <span class=" dashicons dashicons-plus"></span> 446 446 <span class="screen-reader-text"> … … 465 465 $ret = ''; 466 466 $ret .= self::_listtable_label_select( WPAA_AccessArea::get_blog_userlabels(), $current_label ); 467 if ( is_accessareas_active_for_network() ) {467 if ( wpaa_is_active_for_network() ) { 468 468 $ret .= self::_listtable_label_select( WPAA_AccessArea::get_network_userlabels(), $current_label, true ); 469 469 } … … 492 492 493 493 private static function _label_select_all( $name, $first_element_label = false, $echo = false ) { 494 $network = is_accessareas_active_for_network();494 $network = wpaa_is_active_for_network(); 495 495 $ret = ''; 496 496 $ret .= '<select name="' . $name . '">'; -
wp-access-areas/trunk/inc/wpaa_roles.php
r2232646 r3362334 95 95 96 96 // always true for administrators on local caps 97 if ( wpaa_is_local_cap( $cap ) && current_user_can( 'administrator' ) || is_super_admin() ) { 97 if ( wpaa_is_local_cap( $cap ) && current_user_can( 'administrator' ) || is_super_admin() ) { // phpcs:ignore WordPress.WP.Capabilities.RoleFound 98 98 $can = true; 99 99 } else { -
wp-access-areas/trunk/languages/wp-access-areas-it_IT.po
r1408124 r3362334 1 1 msgid "" 2 2 msgstr "" 3 "Project-Id-Version: WordPress Access Areas v1.2.1\n"3 "Project-Id-Version: Access Areas for WordPress v1.2.1\n" 4 4 "Report-Msgid-Bugs-To: \n" 5 5 "POT-Creation-Date: 2016-04-30 11:31+0100\n" -
wp-access-areas/trunk/languages/wp-access-areas-pl_PL.po
r1408124 r3362334 1 1 msgid "" 2 2 msgstr "" 3 "Project-Id-Version: WordPress Access Areas v1.2.7\n"3 "Project-Id-Version: Access Areas for WordPress v1.2.7\n" 4 4 "Report-Msgid-Bugs-To: \n" 5 5 "POT-Creation-Date: 2016-04-30 11:31+0100\n" … … 504 504 505 505 # @ wp-access-areas 506 #~ msgid " WordPress Access Areas"506 #~ msgid "Access Areas for WordPress" 507 507 #~ msgstr "Obszary dostępu Wordpress" 508 508 -
wp-access-areas/trunk/languages/wp-access-areas-sv_SE.po
r1408124 r3362334 1 1 msgid "" 2 2 msgstr "" 3 "Project-Id-Version: WordPress Access Areas v1.2.5\n"3 "Project-Id-Version: Access Areas for WordPress v1.2.5\n" 4 4 "Report-Msgid-Bugs-To: \n" 5 5 "POT-Creation-Date: 2016-04-30 11:32+0100\n" … … 502 502 503 503 # @ wp-access-areas 504 #~ msgid " WordPress Access Areas"504 #~ msgid "Access Areas for WordPress" 505 505 #~ msgstr "Användarzoner" 506 506 -
wp-access-areas/trunk/languages/wp-access-areas.pot
r3233303 r3362334 1 1 # Copyright (C) 2025 Jörn Lund 2 # This file is distributed under the same license as the WordPress Access Areas plugin.2 # This file is distributed under the same license as the Access Areas for WordPress plugin. 3 3 msgid "" 4 4 msgstr "" 5 "Project-Id-Version: WordPress Access Areas 1.5.20\n"5 "Project-Id-Version: Access Areas for WordPress 1.5.21\n" 6 6 "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/wp-access-areas\n" 7 7 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" … … 10 10 "Content-Type: text/plain; charset=UTF-8\n" 11 11 "Content-Transfer-Encoding: 8bit\n" 12 "POT-Creation-Date: 2025-0 2-02T09:25:18+00:00\n"12 "POT-Creation-Date: 2025-09-16T10:43:43+02:00\n" 13 13 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" 14 "X-Generator: WP-CLI 2.1 1.0\n"14 "X-Generator: WP-CLI 2.12.0\n" 15 15 "X-Domain: wp-access-areas\n" 16 16 17 17 #. Plugin Name of the plugin 18 18 #: wp-access-areas.php 19 msgid " WordPress Access Areas"19 msgid "Access Areas for WordPress" 20 20 msgstr "" 21 21 … … 54 54 #: inc/class-accessareas_list_table.php:83 55 55 #: inc/class-accessareas_list_table.php:105 56 #: inc/class-accessareas_list_table.php:16 356 #: inc/class-accessareas_list_table.php:165 57 57 msgid "Delete" 58 58 msgstr "" … … 167 167 168 168 #: inc/class-wpaa_editpost.php:366 169 #: inc/class-wpaa_settings.php:44 5169 #: inc/class-wpaa_settings.php:443 170 170 msgid "If somebody tries to view a restricted post directly:" 171 171 msgstr "" … … 313 313 msgstr "" 314 314 315 #: inc/class-wpaa_settings.php:3 91315 #: inc/class-wpaa_settings.php:389 316 316 msgid "Forbid" 317 317 msgstr "" 318 318 319 #: inc/class-wpaa_settings.php:39 7319 #: inc/class-wpaa_settings.php:395 320 320 msgid "Allow" 321 321 msgstr "" 322 322 323 #: inc/class-wpaa_settings.php:41 6323 #: inc/class-wpaa_settings.php:414 324 324 msgid "If you are running a role editor plugin such as <a href=\"https://wordpress.org/plugins/user-role-editor/\">User Role editor by Vladimir Garagulya</a> or <a href=\"https://wordpress.org/plugins/wpfront-user-role-editor/\">WPFront User Role Editor by Syam Mohan</a> you can do the same as here by assigning the custom capabilites <code>wpaa_set_view_cap</code>, <code>wpaa_set_edit_cap</code> and <code>wpaa_set_comment_cap</code>." 325 325 msgstr "" 326 326 327 #: inc/class-wpaa_settings.php:4 21327 #: inc/class-wpaa_settings.php:419 328 328 msgid "By disabling the role capabilities feature you will allow everybody who can at least publish a post to edit the access properties as well." 329 329 msgstr "" 330 330 331 #: inc/class-wpaa_settings.php:42 5331 #: inc/class-wpaa_settings.php:423 332 332 msgid "Disable Role Capabilities" 333 333 msgstr "" 334 334 335 #: inc/class-wpaa_settings.php:43 2335 #: inc/class-wpaa_settings.php:430 336 336 msgid "By default everybody who can publish an entry can also edit the access properties such as ‘Who can view’ or ‘Who can edit’.<br /> If this is too generous for you then click on the button below." 337 337 msgstr "" 338 338 339 #: inc/class-wpaa_settings.php:43 6339 #: inc/class-wpaa_settings.php:434 340 340 msgid "Enable Role Capabilities" 341 341 msgstr "" 342 342 343 #: inc/class-wpaa_settings.php:48 8343 #: inc/class-wpaa_settings.php:486 344 344 msgid "Don‘t change" 345 345 msgstr "" 346 346 347 #: inc/class-wpaa_settings.php:50 2347 #: inc/class-wpaa_settings.php:500 348 348 msgid "Set post status of assigned posts after an Access Area has been deleted." 349 349 msgstr "" -
wp-access-areas/trunk/wp-access-areas.php
r3233303 r3362334 6 6 7 7 /* 8 Plugin Name: WordPress Access Areas8 Plugin Name: Access Areas for WordPress 9 9 Plugin URI: http://wordpress.org/plugins/wp-access-areas/ 10 10 Description: Lets you define Access Areas and assign them to Posts, Pages and Custom Post types. Through Access Areas you can fine-tune who can view, edit or comment on your posts. 11 11 Author: Jörn Lund 12 Version: 1.5.2 012 Version: 1.5.21 13 13 Author URI: https://github.com/mcguffin/ 14 14 Text Domain: wp-access-areas … … 31 31 define( 'WPUND_GLOBAL_USERMETA_KEY', "undisclosed_global_capabilities" ); 32 32 33 function is_accessareas_active_for_network() {33 function wpaa_is_active_for_network() { 34 34 if ( ! is_multisite() ) { 35 35 return false;
Note: See TracChangeset
for help on using the changeset viewer.