ofco/medicalalert-web-reloaded
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update plugins

Browse Source
This commit is contained in:
Tony Volpe
2024-06-17 14:42:23 -04:00
parent a00f379f7f
commit 38e314323c
9467 changed files with 2032414 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1026
wp/wp-content/plugins/user-role-editor/changelog.txt Normal file
View File

File diff suppressed because it is too large Load Diff

BIN
wp/wp-content/plugins/user-role-editor/css/images/ui-icons_444444_256x240.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 6.8 KiB

BIN
wp/wp-content/plugins/user-role-editor/css/images/ui-icons_555555_256x240.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 6.8 KiB

BIN
wp/wp-content/plugins/user-role-editor/css/images/ui-icons_777620_256x240.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 4.4 KiB

BIN
wp/wp-content/plugins/user-role-editor/css/images/ui-icons_777777_256x240.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 6.8 KiB

BIN
wp/wp-content/plugins/user-role-editor/css/images/ui-icons_cc0000_256x240.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 4.4 KiB

BIN
wp/wp-content/plugins/user-role-editor/css/images/ui-icons_ffffff_256x240.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 6.2 KiB

2
wp/wp-content/plugins/user-role-editor/css/index.php Normal file
View File

@@ -0,0 +1,2 @@
<?php
// Silence is golden.

1312
wp/wp-content/plugins/user-role-editor/css/jquery-ui.css vendored Normal file
View File

File diff suppressed because it is too large Load Diff

7
wp/wp-content/plugins/user-role-editor/css/jquery-ui.min.css vendored Normal file
View File

File diff suppressed because one or more lines are too long

183
wp/wp-content/plugins/user-role-editor/css/multiple-select.css Normal file
View File

@@ -0,0 +1,183 @@
@charset "UTF-8";
/**
* @author zhixin wen <wenzhixin2010@gmail.com>
*/
.ms-offscreen {
clip: rect(0 0 0 0) !important;
width: 1px !important;
height: 1px !important;
border: 0 !important;
margin: 0 !important;
padding: 0 !important;
overflow: hidden !important;
position: absolute !important;
outline: 0 !important;
left: auto !important;
top: auto !important; }
.ms-parent {
display: inline-block;
position: relative;
vertical-align: middle; }
.ms-choice {
display: block;
width: 100%;
height: 26px;
padding: 0;
overflow: hidden;
cursor: pointer;
border: 1px solid #aaa;
text-align: left;
white-space: nowrap;
line-height: 26px;
color: #444;
text-decoration: none;
border-radius: 4px;
background-color: #fff; }
.ms-choice.disabled {
background-color: #f4f4f4;
background-image: none;
border: 1px solid #ddd;
cursor: default; }
.ms-choice > span {
position: absolute;
top: 0;
left: 0;
right: 20px;
white-space: nowrap;
overflow: hidden;
text-overflow: ellipsis;
display: block;
padding-left: 8px; }
.ms-choice > span.placeholder {
color: #999; }
.ms-choice > div.icon-close {
position: absolute;
top: 0px;
right: 16px;
height: 100%;
width: 16px; }
.ms-choice > div.icon-close:before {
content: '×';
color: #888;
font-weight: bold;
position: absolute;
top: 50%;
margin-top: -14px; }
.ms-choice > div.icon-close:hover:before {
color: #333; }
.ms-choice > div.icon-caret {
position: absolute;
width: 0;
height: 0;
top: 50%;
right: 8px;
margin-top: -2px;
border-color: #888 transparent transparent transparent;
border-style: solid;
border-width: 5px 4px 0 4px; }
.ms-choice > div.icon-caret.open {
border-color: transparent transparent #888 transparent;
border-width: 0 4px 5px 4px; }
.ms-drop {
width: auto;
min-width: 100%;
overflow: hidden;
display: none;
margin-top: -1px;
padding: 0;
position: absolute;
z-index: 1000;
background: #fff;
color: #000;
border: 1px solid #aaa;
border-radius: 4px; }
.ms-drop.bottom {
top: 100%;
box-shadow: 0 4px 5px rgba(0, 0, 0, 0.15); }
.ms-drop.top {
bottom: 100%;
box-shadow: 0 -4px 5px rgba(0, 0, 0, 0.15); }
.ms-search {
display: inline-block;
margin: 0;
min-height: 26px;
padding: 2px;
position: relative;
white-space: nowrap;
width: 100%;
z-index: 10000;
box-sizing: border-box; }
.ms-search input {
width: 100%;
height: auto !important;
min-height: 24px;
padding: 0 5px;
margin: 0;
outline: 0;
font-family: sans-serif;
border: 1px solid #aaa;
border-radius: 5px;
box-shadow: none; }
.ms-drop ul {
overflow: auto;
margin: 0;
padding: 0; }
.ms-drop ul > li {
list-style: none;
display: list-item;
background-image: none;
position: static;
padding: .25rem 8px; }
.ms-drop ul > li .disabled {
font-weight: normal !important;
opacity: .35;
filter: Alpha(Opacity=35);
cursor: default; }
.ms-drop ul > li.multiple {
display: block;
float: left; }
.ms-drop ul > li.group {
clear: both; }
.ms-drop ul > li.multiple label {
width: 100%;
display: block;
white-space: nowrap;
overflow: hidden;
text-overflow: ellipsis; }
.ms-drop ul > li label {
position: relative;
padding-left: 1.25rem;
margin-bottom: 0;
font-weight: normal;
display: block;
white-space: nowrap;
cursor: pointer; }
.ms-drop ul > li label.optgroup {
font-weight: bold; }
.ms-drop ul > li.hide-radio {
padding: 0; }
.ms-drop ul > li.hide-radio:focus, .ms-drop ul > li.hide-radio:hover {
background-color: #f8f9fa; }
.ms-drop ul > li.hide-radio.selected {
color: #fff;
background-color: #007bff; }
.ms-drop ul > li.hide-radio label {
margin-bottom: 0;
padding: 5px 8px; }
.ms-drop ul > li.hide-radio input {
display: none; }
.ms-drop ul > li.option-level-1 label {
padding-left: 28px; }
.ms-drop input[type="radio"], .ms-drop input[type="checkbox"] {
position: absolute;
margin-top: .3rem;
margin-left: -1.25rem; }
.ms-drop .ms-no-results {
display: none; }

10
wp/wp-content/plugins/user-role-editor/css/multiple-select.min.css vendored Normal file
View File

@@ -0,0 +1,10 @@
/**
* multiple-select - Multiple select is a jQuery plugin to select multiple elements with checkboxes :).
*
* @version v1.5.2
* @homepage http://multiple-select.wenzhixin.net.cn
* @author wenzhixin <wenzhixin2010@gmail.com> (http://wenzhixin.net.cn/)
* @license MIT
*/
@charset "UTF-8";.ms-offscreen{clip:rect(0 0 0 0)!important;width:1px!important;height:1px!important;border:0!important;margin:0!important;padding:0!important;overflow:hidden!important;position:absolute!important;outline:0!important;left:auto!important;top:auto!important}.ms-parent{display:inline-block;position:relative;vertical-align:middle}.ms-choice{display:block;width:100%;height:26px;padding:0;overflow:hidden;cursor:pointer;border:1px solid #aaa;text-align:left;white-space:nowrap;line-height:26px;color:#444;text-decoration:none;border-radius:4px;background-color:#fff}.ms-choice.disabled{background-color:#f4f4f4;background-image:none;border:1px solid #ddd;cursor:default}.ms-choice>span{position:absolute;top:0;left:0;right:20px;white-space:nowrap;overflow:hidden;text-overflow:ellipsis;display:block;padding-left:8px}.ms-choice>span.placeholder{color:#999}.ms-choice>div.icon-close{position:absolute;top:0;right:16px;height:100%;width:16px}.ms-choice>div.icon-close:before{content:'×';color:#888;font-weight:bold;position:absolute;top:50%;margin-top:-14px}.ms-choice>div.icon-close:hover:before{color:#333}.ms-choice>div.icon-caret{position:absolute;width:0;height:0;top:50%;right:8px;margin-top:-2px;border-color:#888 transparent transparent transparent;border-style:solid;border-width:5px 4px 0 4px}.ms-choice>div.icon-caret.open{border-color:transparent transparent #888 transparent;border-width:0 4px 5px 4px}.ms-drop{width:auto;min-width:100%;overflow:hidden;display:none;margin-top:-1px;padding:0;position:absolute;z-index:1000;background:#fff;color:#000;border:1px solid #aaa;border-radius:4px}.ms-drop.bottom{top:100%;box-shadow:0 4px 5px rgba(0,0,0,0.15)}.ms-drop.top{bottom:100%;box-shadow:0 -4px 5px rgba(0,0,0,0.15)}.ms-search{display:inline-block;margin:0;min-height:26px;padding:2px;position:relative;white-space:nowrap;width:100%;z-index:10000;box-sizing:border-box}.ms-search input{width:100%;height:auto!important;min-height:24px;padding:0 5px;margin:0;outline:0;font-family:sans-serif;border:1px solid #aaa;border-radius:5px;box-shadow:none}.ms-drop ul{overflow:auto;margin:0;padding:0}.ms-drop ul>li{list-style:none;display:list-item;background-image:none;position:static;padding:.25rem 8px}.ms-drop ul>li .disabled{font-weight:normal!important;opacity:.35;filter:Alpha(Opacity=35);cursor:default}.ms-drop ul>li.multiple{display:block;float:left}.ms-drop ul>li.group{clear:both}.ms-drop ul>li.multiple label{width:100%;display:block;white-space:nowrap;overflow:hidden;text-overflow:ellipsis}.ms-drop ul>li label{position:relative;padding-left:1.25rem;margin-bottom:0;font-weight:normal;display:block;white-space:nowrap;cursor:pointer}.ms-drop ul>li label.optgroup{font-weight:bold}.ms-drop ul>li.hide-radio{padding:0}.ms-drop ul>li.hide-radio:focus,.ms-drop ul>li.hide-radio:hover{background-color:#f8f9fa}.ms-drop ul>li.hide-radio.selected{color:#fff;background-color:#007bff}.ms-drop ul>li.hide-radio label{margin-bottom:0;padding:5px 8px}.ms-drop ul>li.hide-radio input{display:none}.ms-drop ul>li.option-level-1 label{padding-left:28px}.ms-drop input[type="radio"],.ms-drop input[type="checkbox"]{position:absolute;margin-top:.3rem;margin-left:-1.25rem}.ms-drop .ms-no-results{display:none}

BIN
wp/wp-content/plugins/user-role-editor/css/multiple-select.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.3 KiB

294
wp/wp-content/plugins/user-role-editor/css/ure-admin.css Normal file
View File

@@ -0,0 +1,294 @@
/*
Document : ure_admin
Created on : 10.03.2010
Author : Vladimir Garagulya
Description:
User Role Editor plugin Admin Settings Page CSS
*/
/*
Syntax recommendation http://www.w3.org/TR/REC-CSS2/
*/
.txt_left {
text-align: left;
}
.txt_center {
text-align: center;
}
.txt_right {
text-align: right;
}
.nowrap {
white-space: nowrap;
}
img.input_radio {
vertical-align: middle;
}
a.ure_rsb_link {
padding:4px;
display:block;
padding-left:25px;
background-repeat:no-repeat;
background-position:5px 50%;
text-decoration:none;
border:none;
}
a.ure_rsb_link:hover {
border-bottom-width:1px;
}
input.warning:hover, a.warning:hover {
color: red;
}
#ure_container {
display: table;
width: 100%;
}
.ure-table {
display: table;
}
.ure-table-cell {
display: table-cell;
margin: 0;
padding: 0;
vertical-align: top;
}
#ure-sidebar {
width: 270px;
padding-left: 20px;
}
.filtered, .hidden {
display: none;
}
#user_role_editor {
}
#ure_form_controls {
}
#ure_role_selector {
padding: 10px 0 0 10px;
}
#ure_user_caps_header {
padding: 10px 0 0 10px;
font-size: 16px;
}
#ure_user_caps_title {
font-weight: bold;
}
#ure_role_select_label {
font-size: 16px;
font-weight: bold;
}
.ure-caps-option {
padding-left: 20px;
}
#ure_caps_container {
width: 100%;
}
#ure_toolbar {
margin-top: 10px;
border: 1px solid #dfdfdf;
-webkit-box-shadow: inset 0 1px 0 #fff;
box-shadow: inset 0 1px 0 #fff;
-webkit-border-radius: 3px;
border-radius: 3px;
background: #f5f5f5;
padding: 5px;
}
.ure_toolbar_button {
width: 100%;
margin-bottom: 3px;
}
#ure_update {
width: 100%;
margin-top: 10px;
margin-bottom: 10px;
}
#ure_service_tools {
margin-top: 10px;
}
.ure-modal-dialog {
display: none;
padding: 10px;
}
.ure-label {
clear: left;
float: left;
display: block;
width: 150px;
}
.ure-input {
float: left;
display: inline;
width: 200px;
margin-bottom: 5px;
}
#ure_user_roles {
vertical-align: text-top;
padding-right: 10px;
padding-top: 5px;
font-size: 1.1em;
border-top: 1px solid #cccccc;
border-right: 1px solid #cccccc;
min-width: 200px;
width: 20%;
}
.ure-user-role-section-title {
margin-top: 5px;
margin-bottom: 5px;
font-weight: bold;
}
/* Multipe select */
.countLabel {
color:Gray;
font-style:italic;
}
.storageBox {
display:none;
}
.copiedOption {
background-color:Yellow;
}
.ure-caps-cell {
vertical-align:top;
padding-top: 5px;
}
.ure-cap-div {
white-space: nowrap;
}
#other_default_roles {
display: block;
margin: 10px;
}
.ure-dialog {
display: none;
}
#ure_admin_menu_access_table td {
cursor: pointer;
}
#ure_admin_menu_access_table tr:hover {
background-color: #04a4cc;
color: #ffffff;
}
.ure_table_row_selected {
background-color: #04a4cc;
color: #ffffff;
}
#ure_caps_groups_td {
padding:0 10px 0 10px;
min-width:25%;
border-right: 1px solid #cccccc;
}
#ure_caps_td {
width:60%;
padding-left: 10px;
}
#ure_toolbar_td {
width: 15%;
min-width:200px;
padding-left: 10px;
}
#ure_editor_options {
margin-bottom: 10px;
}
#ure_caps_groups_title {
min-width: 250px;
vertical-align:middle;
border-bottom: 1px solid #cccccc;
border-right: 1px solid #cccccc;
}
#ure_caps_select {
vertical-align:middle;
border-bottom: 1px solid #cccccc;
padding: 5px 5px 5px 10px;
}
#ure_toolbar_title {
border-bottom: 1px solid #cccccc;
}
#ure_caps_groups_list .ui-selecting {
background: #DDDDDD;
}
#ure_caps_groups_list .ui-selected {
background: #CCCCCC;
color: #444444;
}
#ure_caps_groups_list li {
min-height: 20px;
line-height: 20px;
cursor: pointer;
}
.plugins {
color: #444444;
}
#ure_caps_list_container {
float: left;
width: 100%;
overflow: auto;
min-height: 600px;
max-height: 720px;
}
#ure_caps_list {
-moz-column-count: 1;
-webkit-column-count: 1;
column-count: 1;
column-width: auto;
display: inline-block;
min-width: 100%;
}

BIN
wp/wp-content/plugins/user-role-editor/images/admin-menu-editor-pro.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 88 KiB

BIN
wp/wp-content/plugins/user-role-editor/images/ajax-loader.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 673 B

BIN
wp/wp-content/plugins/user-role-editor/images/changelog-icon.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 494 B

BIN
wp/wp-content/plugins/user-role-editor/images/donate-icon.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.1 KiB

BIN
wp/wp-content/plugins/user-role-editor/images/faq-icon.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 847 B

BIN
wp/wp-content/plugins/user-role-editor/images/help.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 786 B

3
wp/wp-content/plugins/user-role-editor/images/index.php Normal file
View File

@@ -0,0 +1,3 @@
<?php
// Silence is golden.
?>

BIN
wp/wp-content/plugins/user-role-editor/images/remove-16.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 483 B

BIN
wp/wp-content/plugins/user-role-editor/images/user-role-editor-icon.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 867 B

BIN
wp/wp-content/plugins/user-role-editor/images/user-role-editor-page-icon.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.4 KiB

BIN
wp/wp-content/plugins/user-role-editor/images/user-role-editor-pro-728x90.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 58 KiB

BIN
wp/wp-content/plugins/user-role-editor/images/vladimir.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 767 B

37
wp/wp-content/plugins/user-role-editor/includes/classes/admin-notice.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
/*
* admin_notices action support for User Role Editor plugin
*
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://role-editor.com
*/
class URE_Admin_Notice {
// Message class: update, success, warning
private $message_class;
private $message;
function __construct( $message_class, $message ) {
$this->message = $message;
$this->message_class = $message_class;
add_action('admin_notices', array($this, 'render') );
}
// end of __construct()
public function render() {
printf('<div class="notice notice-%s is-dismissible"><p>%s</p></div>', $this->message_class, $this->message );
}
// end of render()
}
// end of class URE_Admin_Notice

113
wp/wp-content/plugins/user-role-editor/includes/classes/advertisement.php Normal file
View File

@@ -0,0 +1,113 @@
<?php
/*
* User Role Editor plugin: advertisement showing class
* Author: Vladimir Garagulya
* email: vladimir@shinephp.com
* site: http://shinephp.com
*
*/
class URE_Advertisement {
private $slots_quantity = 1;
private $slots = array();
function __construct() {
$this->init();
}
// end of __construct
/**
* Returns random number not included into input array
*
* @param array $used - array of numbers used already
*
* @return int
*/
private function rand_unique( $max_ind, $used = array(-1) ) {
if ( $max_ind<0 ) {
$max_ind = 0;
}
$index = wp_rand( 0, $max_ind );
$iterations = 0;
while ( in_array( $index, $used ) && $iterations<=$max_ind * 3 ) {
$index = wp_rand( 0, $max_ind );
$iterations++;
}
return $index;
}
// return rand_unique()
private function init() {
$this->slots = array();
$used = array(-1);
$max_ind = $this->slots_quantity - 1;
$index = $this->rand_unique( $max_ind, $used );
$this->slots[$index] = $this->admin_menu_editor();
/*
$used[] = $index;
$index = $this->rand_unique( $used, $max_ind );
$this->slots[$index] = $this->some_other_slot();
ksort( $this->slots );
*
*/
}
// end of init()
/*
private function some_other_slot() {
$output = '
<div style="text-align: center;">
bla-bla-bla;
</div>';
return $output;
}
*/
// content of Admin Menu Editor advertisement slot
private function admin_menu_editor() {
$output = '
<div style="text-align: center;">
<a href="https://adminmenueditor.com/?utm_source=UserRoleEditor&utm_medium=banner&utm_campaign=Plugins" target="_new" >
<img src="' . URE_PLUGIN_URL . 'images/admin-menu-editor-pro.jpg' . '" alt="Admin Menu Editor Pro"
title="Move, rename, hide, add admin menu items, restrict access" width="250" height="250" />
</a>
</div>
';
return $output;
}
// end of admin_menu_editor()
/**
* Output all existed ads slots
*/
public function display() {
if ( empty( $this->slots ) ) {
return;
}
?>
<div id="ure-sidebar" class="ure_table_cell" >
<?php
foreach ($this->slots as $slot) {
echo $slot . "\n";
}
?>
</div>
<?php
}
// end of display()
}
// end of URE_Advertisement class

373
wp/wp-content/plugins/user-role-editor/includes/classes/ajax-processor.php Normal file
View File

@@ -0,0 +1,373 @@
<?php
/*
* User Role Editor WordPress plugin
* Author: Vladimir Garagulya
* Email: support@role-editor.com
* License: GPLv2 or later
*/
/**
* Process AJAX request from User Role Editor
*
* @author vladimir
*/
class URE_Ajax_Processor {
protected $lib = null;
protected $action = null;
protected $debug = null;
public function __construct( ) {
$this->lib = URE_Lib::get_instance();
$this->debug = ( defined('WP_PHP_UNIT_TEST') && WP_PHP_UNIT_TEST==true );
}
// end of __construct()
protected function get_action() {
$action = $this->lib->get_request_var( 'sub_action', 'post' );
if ( empty( $action ) ) {
$action = $this->lib->get_request_var( 'sub_action', 'get' );
}
return $action;
}
// end of get_action()
protected function get_required_cap() {
if ( $this->action=='grant_roles' || $this->action=='get_user_roles' ) {
$cap = 'promote_users';
} else {
$cap = URE_Own_Capabilities::get_key_capability();
}
return $cap;
}
// end of get_required_cap()
protected function valid_nonce() {
if ( !isset( $_REQUEST['wp_nonce'] ) || !wp_verify_nonce( $_REQUEST['wp_nonce'], 'user-role-editor' ) ) {
echo wp_json_encode( array('result'=>'error', 'message'=>'URE: Wrong or expired request') );
return false;
} else {
return true;
}
}
// end of check_nonce()
protected function user_can() {
$capability = $this->get_required_cap();
if ( !current_user_can( $capability ) ) {
echo wp_json_encode( array('result'=>'error', 'message'=>'URE: Insufficient permissions') );
return false;
} else {
return true;
}
}
// end of check_user_cap()
protected function add_role() {
$editor = URE_Editor::get_instance();
$response = $editor->add_new_role();
$answer = array(
'result'=>$response['result'],
'role_id'=>$response['role_id'],
'role_name'=>$response['role_name'],
'message'=>$response['message']
);
return $answer;
}
// end of add_role()
protected function update_role() {
$editor = URE_Editor::get_instance();
$response = $editor->update_role();
$answer = array(
'result'=>$response['result'],
'role_id'=>$response['role_id'],
'role_name'=>$response['role_name'],
'message'=>$response['message']
);
return $answer;
}
// end of add_role()
protected function add_capability() {
$response = URE_Capability::add( 'role' );
$editor = URE_Editor::get_instance();
$editor->init1();
$message = $editor->init_current_role_name();
if ( empty( $message ) ) {
$view = new URE_View();
$html = $view->_show_capabilities( true, true );
} else {
$html = '';
$response['result'] = 'error';
$response['message'] = $message;
}
$answer = array('result'=>$response['result'], 'html'=>$html, 'message'=>$response['message']);
return $answer;
}
// end of add_capability()
protected function delete_capability() {
$result = URE_Capability::delete();
if ( is_array( $result ) ) {
$notification = $result['message'];
$deleted_caps = $result['deleted_caps'];
} else {
$notification = $result;
$deleted_caps = array();
}
$answer = array('result'=>'success', 'deleted_caps'=>$deleted_caps, 'message'=>$notification);
return $answer;
}
// end of delete_cap()
protected function delete_role() {
$editor = URE_Editor::get_instance();
$response = $editor->delete_role();
$answer = array(
'result'=>$response['result'],
'message'=>$response['message'],
'deleted_roles'=> $response['deleted_roles']
);
return $answer;
}
// end of delete_role()
protected function rename_role() {
$editor = URE_Editor::get_instance();
$response = $editor->rename_role();
$answer = array(
'result'=>$response['result'],
'message'=>$response['message'],
'role_id'=> $response['role_id'],
'role_name'=>$response['role_name']
);
return $answer;
}
// end of rename_role()
protected function get_caps_to_remove() {
$html = URE_Role_View::caps_to_remove_html();
$answer = array('result'=>'success', 'html'=>$html, 'message'=>'success');
return $answer;
}
// end of get_caps_to_remove()
protected function get_users_without_role() {
$new_role = $this->lib->get_request_var( 'new_role', 'post' );
if ( empty( $new_role ) ) {
$answer = array('result'=>'error', 'message'=>'Provide new role');
return $answer;
}
$assign_role = $this->lib->get_assign_role();
if ( $new_role==='no_rights') {
$assign_role->create_no_rights_role();
}
$wp_roles = wp_roles();
if ( !isset( $wp_roles->roles[$new_role] ) ) {
$answer = array('result'=>'error', 'message'=>'Selected new role does not exist');
return $answer;
}
$users = $assign_role->get_users_without_role();
$answer = array(
'result'=>'success',
'users'=>$users,
'new_role'=>$new_role,
'message'=>'success'
);
return $answer;
}
// end of get_users_without_role()
protected function grant_roles() {
$answer = URE_Grant_Roles::grant_roles();
return $answer;
}
// end of grant_roles()
protected function get_user_roles() {
$answer = URE_Grant_Roles::get_user_roles();
return $answer;
}
// end of get_user_roles()
protected function get_role_caps() {
$role = $this->lib->get_request_var('role', 'post' );
if ( empty( $role ) ) {
$answer = array('result'=>'error', 'message'=>'Provide role ID');
return $answer;
}
$wp_roles = wp_roles();
if ( !isset( $wp_roles->roles[$role] ) ) {
$answer = array('result'=>'error', 'message'=>'Requested role does not exist');
return $answer;
}
$active_items = URE_Role_Additional_Options::get_active_items();
if ( isset( $active_items[$role] ) ) {
$role_options = $active_items[$role];
} else {
$role_options = array();
}
$caps = array();
foreach( $wp_roles->roles[$role]['capabilities'] as $cap_id=>$allowed ) {
$cap = URE_Capability::escape( $cap_id );
$caps[$cap] = $allowed;
}
$answer = array(
'result'=>'success',
'message'=>'Role capabilities retrieved successfully',
'role_id'=>$role,
'role_name'=>$wp_roles->roles[$role]['name'],
'caps'=>$caps,
'options'=>$role_options
);
return $answer;
}
// end of get_role_caps()
protected function hide_pro_banner() {
$this->lib->put_option('ure_hide_pro_banner', 1);
$this->lib->flush_options();
$answer = array(
'result'=>'success',
'message'=>'Pro banner was hidden'
);
return $answer;
}
// end of hide_pro_banner()
protected function _dispatch() {
switch ( $this->action ) {
case 'update_role':
$answer = $this->update_role();
break;
case 'add_role':
$answer = $this->add_role();
break;
case 'add_capability':
$answer = $this->add_capability();
break;
case 'delete_capability':
$answer = $this->delete_capability();
break;
case 'delete_role':
$answer = $this->delete_role();
break;
case 'get_caps_to_remove':
$answer = $this->get_caps_to_remove();
break;
case 'get_users_without_role':
$answer = $this->get_users_without_role();
break;
case 'grant_roles':
$answer = $this->grant_roles();
break;
case 'get_user_roles':
$answer = $this->get_user_roles();
break;
case 'get_role_caps':
$answer = $this->get_role_caps();
break;
case 'rename_role':
$answer = $this->rename_role();
break;
case 'hide_pro_banner':
$answer = $this->hide_pro_banner();
break;
default:
$answer = array('result' => 'error', 'message' => 'Unknown action "' . $this->action . '"');
}
return $answer;
}
// end of _dispatch()
/**
* AJAX requests dispatcher
*/
public function dispatch() {
$this->action = $this->get_action();
if ( !$this->valid_nonce() || !$this->user_can() ) {
die;
}
$answer = $this->_dispatch();
$json_answer = wp_json_encode($answer);
echo $json_answer;
die;
}
// end of dispatch()
}
// end of URE_Ajax_Processor

177
wp/wp-content/plugins/user-role-editor/includes/classes/assign-role.php Normal file
View File

@@ -0,0 +1,177 @@
<?php
/**
* Project: User Role Editor plugin
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://www.role-editor.com
* Greetings: some ideas and code samples for long running cron job was taken from the "Broken Link Checker" plugin (Janis Elst).
* License: GPL v2+
*
* Assign role to the users without role stuff
*/
class URE_Assign_Role {
const MAX_USERS_TO_PROCESS = 50;
private static $counter = 0;
private $lib = null;
private $quick_count = true;
function __construct() {
$this->lib = URE_Lib::get_instance();
$this->quick_count = $this->count_quick_or_thoroughly();
}
// end of __construct()
public function create_no_rights_role() {
$role_id = 'no_rights';
$role_name = 'No rights';
$wp_roles = wp_roles();
if ( isset( $wp_roles->roles[$role_id] ) ) {
return;
}
add_role( $role_id, $role_name, array() );
}
// end of create_no_rights_role()
private function count_quick_or_thoroughly() {
$quick_count = true;
if ( defined('URE_COUNT_USERS_WITHOUT_ROLE_THOROUGHLY') && URE_COUNT_USERS_WITHOUT_ROLE_THOROUGHLY ) {
$quick_count = false;
} elseif ( $this->lib->is_pro() ) {
$count_thoroughly = $this->lib->get_option( 'count_users_without_role_thoroughly', false );
if ( $count_thoroughly ) {
$quick_count = false;
}
}
$quick_count = apply_filters('ure_count_users_without_role_quick', $quick_count );
return $quick_count;
}
// end of count_quick_or_thoroughly()
private function get_thorougly_where_condition() {
global $wpdb;
$usermeta = $wpdb->usermeta;
$id = get_current_blog_id();
$blog_prefix = $wpdb->get_blog_prefix( $id );
$where = "WHERE NOT EXISTS (SELECT user_id from {$usermeta} ".
"WHERE user_id=users.ID AND meta_key='{$blog_prefix}capabilities') OR ".
"EXISTS (SELECT user_id FROM {$usermeta} ".
"WHERE user_id=users.ID AND meta_key='{$blog_prefix}capabilities' AND ".
"(meta_value='a:0:{}' OR meta_value IS NULL))";
return $where;
}
// end of get_thoroughly_where_condition()
private function get_quick_query_part2() {
global $wpdb;
$usermeta = $wpdb->usermeta;
$id = get_current_blog_id();
$blog_prefix = $wpdb->get_blog_prefix($id);
$query = "FROM {$usermeta} usermeta ".
"INNER JOIN {$wpdb->users} users ON usermeta.user_id=users.ID ".
"WHERE usermeta.meta_key='{$blog_prefix}capabilities' AND ".
"(usermeta.meta_value = 'a:0:{}' OR usermeta.meta_value is NULL)";
return $query;
}
// end of get_quick_query_part2()
private function get_users_count_query() {
global $wpdb;
if ( $this->quick_count ) {
$part2 = $this->get_quick_query_part2();
$query = "SELECT COUNT(DISTINCT usermeta.user_id) {$part2}";
} else {
$where = $this->get_thorougly_where_condition();
$query = "SELECT count(ID) FROM {$wpdb->users} users {$where}";
}
return $query;
}
// end of get_users_count_query()
public function count_users_without_role() {
global $wpdb;
$users_quant = get_transient('ure_users_without_role');
if (empty($users_quant)) {
$query = $this->get_users_count_query();
$users_quant = $wpdb->get_var( $query );
set_transient('ure_users_without_role', $users_quant, 15 );
}
return $users_quant;
}
// end of count_users_without_role()
public function get_users_without_role() {
global $wpdb;
$top_limit = self::MAX_USERS_TO_PROCESS;
if ( $this->quick_count ) {
$part2 = $this->get_quick_query_part2();
$query = "SELECT DISTINCT usermeta.user_id {$part2}
LIMIT 0, {$top_limit}";
} else {
$where = $this->get_thorougly_where_condition();
$query = "SELECT users.ID FROM {$wpdb->users} users
{$where}
LIMIT 0, {$top_limit}";
}
$users0 = $wpdb->get_col( $query );
return $users0;
}
// end of get_users_without_role()
public function show_html() {
$users_quant = $this->count_users_without_role();
if ($users_quant==0) {
return;
}
$button_number = (self::$counter>0) ? '_2': '';
?>
&nbsp;&nbsp;<input type="button" name="move_from_no_role<?php echo $button_number;?>" id="move_from_no_role<?php echo $button_number;?>" class="button"
value="Without role (<?php echo $users_quant;?>)" onclick="ure_move_users_from_no_role_dialog()">
<?php
if ( self::$counter==0 ) {
?>
<div id="move_from_no_role_dialog" class="ure-dialog">
<div id="move_from_no_role_content" style="padding: 10px;"></div>
</div>
<?php
self::$counter++;
}
}
// end of show_html()
}
// end of URE_Assign_Role class

388
wp/wp-content/plugins/user-role-editor/includes/classes/base-lib.php Normal file
View File

@@ -0,0 +1,388 @@
<?php
/*
* General stuff for usage at WordPress plugins
* Author: Vladimir Garagulya
* Author email: vladimir@shinephp.com
* Author URI: http://shinephp.com
*
*/
/**
* This class contains general stuff for usage at WordPress plugins and must be extended by child class
*/
class URE_Base_Lib {
protected static $instance = null; // object exemplar reference
protected $options_id = ''; // identifire to save/retrieve plugin options to/from wp_option DB table
protected $options = array(); // plugin options data
protected $multisite = false;
protected $active_for_network = false;
protected $main_blog_id = 0;
public static function get_instance( $options_id = '') {
if ( self::$instance===null ) {
self::$instance = new URE_Base_Lib( $options_id );
}
return self::$instance;
}
// end of get_instance()
/**
* class constructor
* @param string $options_id to save/retrieve plugin options to/from wp_option DB table
*/
protected function __construct( $options_id ) {
$this->multisite = function_exists( 'is_multisite' ) && is_multisite();
if ( $this->multisite ) {
// get Id of the 1st (main) blog
$this->main_blog_id = $this->get_main_site();
}
$this->init_options( $options_id );
}
// end of __construct()
public function get( $property_name ) {
if ( !property_exists( $this, $property_name ) ) {
syslog( LOG_ERR, 'Lib class does not have such property '. $property_name );
return null;
}
return $this->$property_name;
}
// end of get_property()
public function set( $property_name, $property_value ) {
if ( !property_exists( $this, $property_name ) ) {
syslog( LOG_ERR, 'Lib class does not have such property '. $property_name );
}
$this->$property_name = $property_value;
}
// end of get_property()
public function get_main_site() {
global $current_site;
$blog_id = is_object( $current_site ) ? $current_site->blog_id : null;
return $blog_id;
}
// end of get_main_site()
/**
* get current options for this plugin
*/
protected function init_options( $options_id ) {
$this->options_id = $options_id;
$this->options = get_option( $options_id, array() );
}
// end of init_options()
/**
* Return HTML formatted message
*
* @param string $message message text
* @param string $error_style message div CSS style
*/
public function show_message( $message, $error_style = false ) {
if ( $message ) {
if ( $error_style ) {
echo '<div id="message" class="notice notice-warning is-dismissible">';
} else {
echo '<div id="message" class="notice notice-success is-dismissible">';
}
echo '<p>'. $message . '</p></div>';
}
}
// end of show_message()
/*
* Replacer for FILTER_SANITIZE_STRING deprecated with PHP 8.1
*/
public static function filter_string_polyfill( $string ) {
$str = preg_replace('/\x00|<[^>]*>?/', '', $string);
return str_replace(["'", '"'], ['&#39;', '&#34;'], $str);
}
// end of filter_string_polyfill()
public static function filter_string_var( $raw_str ) {
$value1 = filter_var( $raw_str, FILTER_UNSAFE_RAW );
$value2 = self::filter_string_polyfill( $value1 );
return $value2;
}
// end of filter_string_var()
/**
* Returns value by name from GET/POST/REQUEST. Minimal type checking is provided
*
* @param string $var_name Variable name to return
* @param string $request_type type of request to process get/post/request (default)
* @param string $var_type variable type to provide value checking
* @return mix variable value from request
*/
public function get_request_var( $var_name, $request_type = 'request', $var_type = 'string') {
$result = 0;
$request_type = strtolower( $request_type );
switch ( $request_type ) {
case 'get': {
if ( isset( $_GET[$var_name] ) ) {
$result = self::filter_string_var( $_GET[$var_name] );
}
break;
}
case 'post': {
if ( isset( $_POST[$var_name] ) ) {
if ( $var_type!='checkbox') {
$result = self::filter_string_var( $_POST[$var_name] );
} else {
$result = 1;
}
}
break;
}
case 'request': {
if ( isset( $_REQUEST[$var_name] ) ) {
$result = self::filter_string_var( $_REQUEST[$var_name] );
}
break;
}
default: {
$result = -1; // Wrong request type value, possible mistake in a function call
}
}
if ( $result ) {
if ( $var_type == 'int' && !is_numeric( $result ) ) {
$result = 0;
}
if ( $var_type != 'int') {
$result = esc_attr( $result );
}
}
return $result;
}
// end of get_request_var()
/**
* returns option value for option with name in $option_name
*/
public function get_option( $option_name, $default = false ) {
if ( isset( $this->options[$option_name] ) ) {
$value = $this->options[$option_name];
} else {
$value = $default;
}
$value = apply_filters('ure_get_option_'. $option_name, $value );
return $value;
}
// end of get_option()
/**
* puts option value according to $option_name option name into options array property
*/
public function put_option( $option_name, $option_value, $flush_options = false ) {
if ( !is_array( $this->options ) ) {
$this->options = array();
}
$this->options[$option_name] = $option_value;
if ( $flush_options ) {
$this->flush_options();
}
}
// end of put_option()
/**
* Delete URE option with name option_name
* @param string $option_name
* @param bool $flush_options
*/
public function delete_option( $option_name, $flush_options = false ) {
if ( array_key_exists( $option_name, $this->options ) ) {
unset( $this->options[$option_name] );
if ( $flush_options ) {
$this->flush_options();
}
}
}
// end of delete_option()
/**
* Saves options array into WordPress database wp_options table
*/
public function flush_options() {
update_option( $this->options_id, $this->options );
}
// end of flush_options()
/**
* Check product version and stop execution if product version is not compatible with required one
* @param string $version1
* @param string $version2
* @param string $error_message
* @return void
*/
public static function check_version( $version1, $version2, $error_message, $plugin_file_name ) {
if ( version_compare($version1, $version2, '<') ) {
if ( is_admin() && ( !defined('DOING_AJAX') || !DOING_AJAX ) ) {
require_once ABSPATH . '/wp-admin/includes/plugin.php';
deactivate_plugins( $plugin_file_name );
new URE_Admin_Notice('warning', $error_message );
return false;
}
}
return true;
}
// end of check_version()
public function get_current_url() {
global $wp;
$current_url = esc_url_raw( add_query_arg( $wp->query_string, '', home_url( $wp->request ) ) );
return $current_url;
}
// end of get_current_url()
/**
* Returns comma separated list from the first $items_count element of $full_list array
*
* @param array $full_list
* @param int $items_count
* @return string
*/
public function get_short_list_str( $full_list, $items_count=3 ) {
if ( empty( $full_list ) || !is_array( $full_list ) ) {
return '...';
}
$short_list = array(); $i = 0;
foreach($full_list as $item) {
if ( $i>=$items_count ) {
break;
}
$short_list[] = $item;
$i++;
}
$str = implode(', ', $short_list );
if ( $items_count<count( $full_list ) ) {
$str .= ', ...';
}
return $str;
}
// end of get_short_list_str()
/**
* Prepare the list of integer or string values for usage in SQL query IN (val1, val2, ... , valN) claster
* @global wpdb $wpdb
* @param string $list_type: allowed values 'int', 'string'
* @param array $list_values: array of integers or strings
* @return string - comma separated values (CSV)
*/
public static function esc_sql_in_list( $list_type, $list_values ) {
global $wpdb;
if ( empty( $list_values ) || !is_array( $list_values ) || count( $list_values )==0 ) {
return '';
}
if ( $list_type=='int' ) {
$placeholder = '%d'; // Integer
} else {
$placeholder = '%s'; // String
}
$placeholders = array_fill( 0, count( $list_values ), $placeholder );
$str = implode(',', $placeholders );
$result = $wpdb->prepare( $str, $list_values );
return $result;
}
// end of esc_sql_in_list()
/**
* Returns the array of multi-site WP sites/blogs IDs for the current network
* @global wpdb $wpdb
* @return array
*/
public function get_blog_ids() {
global $wpdb;
if ( !$this->multisite ) {
return null;
}
$network = get_current_site();
$query = $wpdb->prepare(
"SELECT blog_id FROM {$wpdb->blogs}
WHERE site_id=%d ORDER BY blog_id ASC",
array( $network->id ) );
$blog_ids = $wpdb->get_col( $query );
return $blog_ids;
}
// end of get_blog_ids()
/**
* Prevent cloning of the instance of the *Singleton* instance.
*
* @return void
*/
public function __clone() {
throw new \Exception('Do not clone a singleton instance.');
}
// end of __clone()
/**
* Prevent unserializing of the *Singleton* instance.
*
* @return void
*/
public function __wakeup() {
throw new \Exception('Do not unserialize a singleton instance.');
}
// end of __wakeup()
}
// end of URE_Base_Lib class

116
wp/wp-content/plugins/user-role-editor/includes/classes/bbpress.php Normal file
View File

@@ -0,0 +1,116 @@
<?php
/**
* Support for bbPress user roles and capabilities
*
* Project: User Role Editor WordPress plugin
* Author: Vladimir Garagulya
* Author email: vladimir@shinephp.com
* Author URI: http://shinephp.com
*
**/
class URE_bbPress {
protected $bbpress_detected = false;
public function __construct() {
add_action('plugins_loaded', array($this, 'detect_bbpress'), 8 );
}
// end of __construct()
public function detect_bbpress() {
$this->bbpress_detected = false;
if ( function_exists('bbp_filter_blog_editable_roles') ) {
$this->bbpress_detected = true; // bbPress plugin is installed and active
}
}
// end of detect_bbpress()
public function is_active() {
return $this->bbpress_detected;
}
// end of is_active()
/**
* Exclude roles created by bbPress
*
* @global array $wp_roles
* @return array
*/
public function get_roles() {
$wp_roles = wp_roles();
if ($this->bbpress_detected) {
$roles = bbp_filter_blog_editable_roles( $wp_roles->roles ); // exclude bbPress roles
} else {
$roles = $wp_roles->roles;
}
return $roles;
}
// end of get_roles()
/**
* Get full list user capabilities created by bbPress
*
* @return array
*/
public function get_caps() {
if ( $this->bbpress_detected ) {
$caps = array_keys( bbp_get_caps_for_role( bbp_get_keymaster_role() ) );
} else {
$caps = array();
}
return $caps;
}
// end of get_caps()
/**
* Return empty array in order do not include bbPress roles into selectable lists: supported by Pro version only
* @return array
*/
public function get_bbp_editable_roles() {
$all_bbp_roles = array();
return $all_bbp_roles;
}
// end of get_bbp_editable_roles()
/**
* Return bbPress roles found at $roles array. Used to exclude bbPress roles from processing as free version should not support them
*
* @param array $roles
* @return array
*/
public function extract_bbp_roles($roles) {
$user_bbp_roles = array();
if ( $this->bbpress_detected ) {
$all_bbp_roles = array_keys( bbp_get_dynamic_roles() );
foreach( $roles as $role ) {
if ( in_array( $role, $all_bbp_roles ) ) {
$user_bbp_roles[] = $role;
}
}
}
return $user_bbp_roles;
}
// end of extract_bbp_roles()
}
// end of URE_bbPress class

505
wp/wp-content/plugins/user-role-editor/includes/classes/capabilities-groups-manager.php Normal file
View File

@@ -0,0 +1,505 @@
<?php
/**
* Class to group user capabilities for better structuring
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulya <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2016, Vladimir Garagulya
**/
class URE_Capabilities_Groups_Manager {
private static $instance = null;
private $lib = null;
private $groups = null;
private $built_in_wp_caps = null;
private $cpt_caps = null;
public static function get_instance() {
if (self::$instance === null) {
// new static() will work too
self::$instance = new URE_Capabilities_Groups_Manager();
}
return self::$instance;
}
// end of get_instance()
private function __construct() {
$this->lib = URE_Lib::get_instance();
$this->_get_built_in_wp_caps();
$this->_get_all_custom_post_types_caps();
}
// end of __construct()
public function add_custom_post_types() {
$this->groups['custom_post_types'] = array(
'caption'=>esc_html__('Custom Post Types', 'user-role-editor'),
'parent'=>'all',
'level'=>1
);
$post_types = get_post_types( array(), 'objects');
$_post_types = $this->lib->_get_post_types();
$built_in_pt = array('post', 'page');
if ( $post_types['attachment']->cap->edit_posts=='edit_posts') {
$built_in_pt[] = 'attachment';
}
$show_wc_post_types_under_wc_only = apply_filters('ure_show_wc_post_types_under_wc_only', false);
foreach( $post_types as $post_type ) {
if ( !isset( $_post_types[$post_type->name] ) || in_array( $post_type->name, $built_in_pt ) ) {
continue;
}
if ( $show_wc_post_types_under_wc_only && in_array( $post_type->name, URE_Woocommerce_Capabilities::$post_types ) ) {
continue;
}
/*
if (!$post_type->public) {
continue;
}
*
*/
$this->groups[$post_type->name] = array(
'caption'=>$post_type->labels->name,
'parent'=>'custom_post_types',
'level'=>2
);
}
}
// end of add_custom_post_types()
private function add_ure_group() {
$this->groups['user_role_editor'] = array(
'caption'=>esc_html__('User Role Editor', 'user-role-editor'),
'parent'=>'custom',
'level'=>2
);
}
// end of get_ure_group()
private function add_woocommerce_groups() {
$full_caps = $this->lib->init_full_capabilities( 'role' );
if ( !isset( $full_caps['manage_woocommerce'] ) ) {
return;
}
$post_types = get_post_types( array(), 'objects');
$this->groups['woocommerce'] = array(
'caption'=>esc_html__('WooCommerce', 'user-role-editor'),
'parent'=>'custom',
'level'=>2
);
$this->groups['woocommerce_core'] = array(
'caption'=>esc_html__('Core', 'user-role-editor'),
'parent'=>'woocommerce',
'level'=>3
);
foreach( URE_Woocommerce_Capabilities::$post_types as $post_type ) {
if ( !isset( $post_types[$post_type] ) ) {
continue;
}
$this->groups['woocommerce_'. $post_type] = array(
'caption'=>$post_types[$post_type]->labels->name,
'parent'=>'woocommerce',
'level'=>3
);
}
}
// end of add_woocommerce_group()
private function get_base_wp_groups() {
$groups = array(
'all'=>array(
'caption'=>esc_html__('All', 'user-role-editor'),
'parent'=>null,
'level'=>0
),
'core'=>array(
'caption'=>esc_html__('Core', 'user-role-editor'),
'parent'=>'all',
'level'=>1
),
'general'=>array(
'caption'=>esc_html__('General', 'user-role-editor'),
'parent'=>'core',
'level'=>2
),
'themes'=>array(
'caption'=>esc_html__('Themes', 'user-role-editor'),
'parent'=>'core',
'level'=>2
),
'posts'=>array(
'caption'=>esc_html__('Posts', 'user-role-editor'),
'parent'=>'core',
'level'=>2
),
'pages'=>array(
'caption'=>esc_html__('Pages', 'user-role-editor'),
'parent'=>'core',
'level'=>2
),
'plugins'=>array(
'caption'=>esc_html__('Plugins', 'user-role-editor'),
'parent'=>'core',
'level'=>2
),
'users'=>array(
'caption'=>esc_html__('Users', 'user-role-editor'),
'parent'=>'core',
'level'=>2
)
);
return $groups;
}
// end of get_base_wp_groups
public function get_groups_tree() {
if ($this->groups!==null) {
return $this->groups;
}
$this->groups = $this->get_base_wp_groups();
$multisite = $this->lib->get('multisite');
if ( $multisite ) {
$this->groups['multisite'] = array(
'caption'=>esc_html__('Multisite', 'user-role-editor'),
'parent'=>'core',
'level'=>2
);
}
$this->groups['deprecated'] = array(
'caption'=>esc_html__('Deprecated', 'user-role-editor'),
'parent'=>'core',
'level'=>2
);
$this->add_custom_post_types();
$this->groups['custom'] = array(
'caption'=>esc_html__('Custom capabilities', 'user-role-editor'),
'parent'=>'all',
'level'=>1
);
$this->add_ure_group();
$this->add_woocommerce_groups();
$this->groups = apply_filters('ure_capabilities_groups_tree', $this->groups);
return $this->groups;
}
// end of get_groups_tree()
/**
* return array of built-in WP capabilities (WP 3.1 wp-admin/includes/schema.php)
*
* @return array
*/
private function _get_built_in_wp_caps() {
$wp_version = get_bloginfo('version');
$multisite = $this->lib->get('multisite');
$caps = array();
$caps['switch_themes'] = array('core', 'themes');
$caps['edit_themes'] = array('core', 'themes');
$caps['activate_plugins'] = array('core', 'plugins');
$caps['edit_plugins'] = array('core', 'plugins');
$caps['edit_users'] = array('core', 'users');
$caps['edit_files'] = array('core', 'deprecated');
$caps['manage_options'] = array('core', 'general');
$caps['moderate_comments'] = array('core', 'posts', 'general');
$caps['manage_categories'] = array('core', 'posts', 'general');
$caps['manage_links'] = array('core', 'general');
$caps['upload_files'] = array('core', 'general');
$caps['import'] = array('core', 'general');
$caps['unfiltered_html'] = array('core','general');
if ( $multisite ) {
$caps['unfiltered_html'] = array('deprecated');
}
$caps['edit_posts'] = array('core', 'posts');
$caps['edit_others_posts'] = array('core', 'posts');
$caps['edit_published_posts'] = array('core', 'posts');
$caps['publish_posts'] = array('core', 'posts');
$caps['edit_pages'] = array('core', 'pages');
$caps['read'] = array('core', 'general');
$caps['level_10'] = array('core', 'deprecated');
$caps['level_9'] = array('core', 'deprecated');
$caps['level_8'] = array('core', 'deprecated');
$caps['level_7'] = array('core', 'deprecated');
$caps['level_6'] = array('core', 'deprecated');
$caps['level_5'] = array('core', 'deprecated');
$caps['level_4'] = array('core', 'deprecated');
$caps['level_3'] = array('core', 'deprecated');
$caps['level_2'] = array('core', 'deprecated');
$caps['level_1'] = array('core', 'deprecated');
$caps['level_0'] = array('core', 'deprecated');
$caps['edit_others_pages'] = array('core', 'pages');
$caps['edit_published_pages'] = array('core', 'pages');
$caps['publish_pages'] = array('core', 'pages');
$caps['delete_pages'] = array('core', 'pages');
$caps['delete_others_pages'] = array('core', 'pages');
$caps['delete_published_pages'] = array('core', 'pages');
$caps['delete_posts'] = array('core', 'posts');
$caps['delete_others_posts'] = array('core', 'posts');
$caps['delete_published_posts'] = array('core', 'posts');
$caps['delete_private_posts'] = array('core', 'posts');
$caps['edit_private_posts'] = array('core', 'posts');
$caps['read_private_posts'] = array('core', 'posts');
$caps['delete_private_pages'] = array('core', 'pages');
$caps['edit_private_pages'] = array('core', 'pages');
$caps['read_private_pages'] = array('core', 'pages');
$caps['unfiltered_upload'] = array('core', 'general');
$caps['edit_dashboard'] = array('core', 'general');
$caps['update_plugins'] = array('core', 'plugins');
$caps['delete_plugins'] = array('core', 'plugins');
$caps['install_plugins'] = array('core', 'plugins');
$caps['update_themes'] = array('core', 'themes');
$caps['install_themes'] = array('core', 'themes');
$caps['update_core'] = array('core', 'general');
$caps['list_users'] = array('core', 'users');
$caps['remove_users'] = array('core', 'users');
if ( version_compare( $wp_version, '4.4', '<') ) {
$caps['add_users'] = array('core', 'users'); // removed from WP v. 4.4.
}
$caps['promote_users'] = array('core', 'users');
$caps['edit_theme_options'] = array('core', 'themes');
$caps['delete_themes'] = array('core', 'themes');
$caps['export'] = array('core', 'general');
$caps['delete_users'] = array('core', 'users');
$caps['create_users'] = array('core', 'users');
if ( $multisite ) {
$caps['create_sites'] = array('core', 'multisite', 'general');
$caps['delete_sites'] = array('core', 'multisite', 'general');
$caps['manage_network'] = array('core', 'multisite', 'general');
$caps['manage_sites'] = array('core', 'multisite', 'general');
$caps['manage_network_users'] = array('core', 'multisite', 'users');
$caps['manage_network_plugins'] = array('core', 'multisite', 'plugins');
$caps['manage_network_themes'] = array('core', 'multisite', 'themes');
$caps['manage_network_options'] = array('core', 'multisite', 'general');
$caps['upgrade_network'] = array('core', 'multisite', 'general');
}
$caps['install_languages'] = array('core', 'general');
$caps['resume_plugins'] = array('core', 'plugins');
$caps['resume_themes'] = array('core', 'themes');
$caps['view_site_health_checks'] = array('core', 'general');
$caps = apply_filters('ure_built_in_wp_caps', $caps );
$this->built_in_wp_caps = $caps;
return $this->built_in_wp_caps;
}
// end of _get_built_in_wp_caps()
public function get_built_in_wp_caps() {
return $this->built_in_wp_caps;
}
// end of get_built_in_wp_caps()
private function get_post_types_without_caps() {
$pt_without_caps = array();
$wc_pts = URE_Woocommerce_Capabilities::get_post_types_without_caps();
$pt_without_caps = ure_array_merge( $pt_without_caps, $wc_pts );
return $pt_without_caps;
}
// end of get_post_types_without_caps()
/**
* Get capabilities registered with custom post type
*
* @param object $post_type
* @param array $post_edit_caps
*/
private function get_registered_cpt_caps( $post_type, $post_edit_caps ) {
foreach ( $post_edit_caps as $capability ) {
if ( isset( $post_type->cap->$capability ) ) {
$cap = $post_type->cap->$capability;
} else {
continue;
}
if ( !isset( $this->cpt_caps[$cap] ) ) {
$this->cpt_caps[$cap] = array();
} else if ( in_array( $post_type->name, $this->cpt_caps[$cap] ) ) {
continue;
}
if ( !isset($this->built_in_wp_caps[$cap]) &&
!in_array( 'custom', $this->cpt_caps[$cap] ) ) {
$this->cpt_caps[$cap][] = 'custom';
}
if ( !in_array( 'custom_post_types', $this->cpt_caps[$cap] ) ) {
$this->cpt_caps[$cap][] = 'custom_post_types';
}
$this->cpt_caps[$cap][] = $post_type->name;
}
}
// end of get_registered_cpt_caps()
private function add_group_to_edit_post_cap( $post_type, $post_edit_caps ) {
foreach( $post_edit_caps as $cap_id ) {
$this->built_in_wp_caps[$cap_id][] = $post_type->name;
if ( !in_array('custom_post_types', $this->built_in_wp_caps[$cap_id] ) ) {
$this->built_in_wp_caps[$cap_id][] = 'custom_post_types';
}
}
}
// end of add_group_to_edit_post_cap()
private function get_custom_post_type_caps( $post_type, $post_edit_caps ) {
$pt_without_caps = $this->get_post_types_without_caps();
if ( in_array($post_type->name, $pt_without_caps ) ) {
return;
}
// take into account custom post types, which uses built-in post or page capabilities
if ( in_array( $post_type->capability_type, array('post', 'page') ) ) {
$this->add_group_to_edit_post_cap( $post_type, $post_edit_caps );
return;
}
$this->get_registered_cpt_caps( $post_type, $post_edit_caps );
}
// end of get_custom_post_type_caps()
private function _get_all_custom_post_types_caps() {
$post_edit_caps = $this->lib->get_edit_post_capabilities();
$post_types = get_post_types( array(), 'objects' );
$_post_types = $this->lib->_get_post_types();
$built_in_pt = array('post', 'page');
if ( $post_types['attachment']->cap->edit_posts=='edit_posts') {
$built_in_pt[] = 'attachment';
}
$this->cpt_caps = array();
foreach( $post_types as $post_type ) {
if ( !isset( $_post_types[$post_type->name] ) ) {
continue;
}
if ( in_array( $post_type->name, $built_in_pt ) ) {
continue;
}
if ( !isset( $post_type->cap ) ) {
continue;
}
$this->get_custom_post_type_caps( $post_type, $post_edit_caps );
}
return $this->cpt_caps;
}
// end of _get_all_custom_post_types_capabilities()
private function get_groups_for_custom_cap( $cap_id ) {
$ure_caps = URE_Own_Capabilities::get_caps_groups();
if ( isset( $ure_caps[$cap_id] ) ) {
$groups1 = $ure_caps[$cap_id];
}
if ( empty( $groups1 ) ) {
$wc_caps = URE_Woocommerce_Capabilities::get_caps_groups();
if ( isset($wc_caps[$cap_id] ) ) {
$groups1 = $wc_caps[$cap_id];
}
}
if ( isset( $this->cpt_caps[$cap_id] ) ) {
$groups2 = $this->cpt_caps[$cap_id];
}
$groups = array('custom');
if ( !empty( $groups1 ) ) {
$groups = ure_array_merge( $groups, $groups1 );
}
if ( !empty( $groups2 ) ) {
$groups = ure_array_merge( $groups, $groups2 );
}
return $groups;
}
// end of get_groups_for_custom_cap()
public function get_cap_groups( $cap_id, $built_in_wp_caps=null ) {
if ( isset( $this->built_in_wp_caps[$cap_id] ) ) {
$groups = $built_in_wp_caps[$cap_id];
} else {
$groups = $this->get_groups_for_custom_cap( $cap_id );
}
$groups = apply_filters('ure_custom_capability_groups', $groups, $cap_id );
$groups[] = 'all'; // Every capability belongs to the 'all' group
$groups = array_unique( $groups );
foreach( $groups as $key=>$value ) {
$groups[$key] = 'ure-'. $value;
}
return $groups;
}
// end of get_cap_groups()
/**
* Prevent cloning of the instance of the *Singleton* instance.
*
* @return void
*/
public function __clone() {
throw new \Exception('Do not clone a singleton instance.');
}
// end of __clone()
/**
* Prevent unserializing of the *Singleton* instance.
*
* @return void
*/
public function __wakeup() {
throw new \Exception('Do not unserialize a singleton instance.');
}
// end of __wakeup()
}
// end of class URE_Capabilities_Groups_Manager

461
wp/wp-content/plugins/user-role-editor/includes/classes/capabilities.php Normal file
View File

@@ -0,0 +1,461 @@
<?php
/**
* Class to prepare full user capabilities list for URE editor
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulia <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2021, Vladimir Garagulia
**/
class URE_Capabilities {
private static $instance = null;
private $lib = null;
private $built_in_wp_caps = null;
public static function get_instance() {
if ( self::$instance === null ) {
// new static() will work too
self::$instance = new URE_Capabilities();
}
return self::$instance;
}
// end of get_instance()
private function __construct() {
$this->lib = URE_Lib::get_instance();
$this->built_in_wp_caps = $this->lib->get_built_in_wp_caps();
}
// end of __construct()
protected function convert_cap_to_readable( $cap_name ) {
$cap_name = str_replace('_', ' ', $cap_name);
$cap_name = ucfirst($cap_name);
return $cap_name;
}
// convert_cap_to_readable
protected function add_capability_to_full_caps_list( $cap_id, &$full_list ) {
if ( isset( $full_list[$cap_id] ) ) { // if capability was added already
return;
}
$cap = array();
$cap['inner'] = $cap_id;
$cap['human'] = esc_html__( $this->convert_cap_to_readable( $cap_id ) , 'user-role-editor' );
if ( isset( $this->built_in_wp_caps[$cap_id] ) ) {
$cap['wp_core'] = true;
} else {
$cap['wp_core'] = false;
}
$full_list[$cap_id] = $cap;
}
// end of add_capability_to_full_caps_list()
/**
* Add capabilities from user roles save at WordPress database
*
*/
protected function add_roles_caps( &$full_list ) {
$roles = $this->lib->get_user_roles();
foreach ( $roles as $role ) {
// validate if capabilities is an array
if ( !isset( $role['capabilities'] ) || !is_array( $role['capabilities'] ) ) {
continue;
}
foreach ( array_keys( $role['capabilities'] ) as $cap ) {
$this->add_capability_to_full_caps_list( $cap, $full_list );
}
}
}
// end of add_roles_caps()
/**
* Add Gravity Forms plugin capabilities, if available
*
*/
protected function add_gravity_forms_caps( &$full_list ) {
if ( !class_exists( 'GFCommon' ) ) {
return;
}
$gf_caps = GFCommon::all_caps();
foreach ( $gf_caps as $gf_cap ) {
$this->add_capability_to_full_caps_list( $gf_cap, $full_list );
}
}
// end of add_gravity_forms_caps()
/**
* Add bbPress plugin user capabilities (if available)
*/
protected function add_bbpress_caps( &$full_list ) {
$bbpress = $this->lib->get_bbpress();
if ( !$bbpress->is_active() ) {
return;
}
$caps = $bbpress->get_caps();
foreach ( $caps as $cap ) {
$this->add_capability_to_full_caps_list( $cap, $full_list );
}
}
// end of add_bbpress_caps()
/**
* Provide compatibility with plugins and themes which define their custom user capabilities using
* 'members_get_capabilities' filter from Justin Tadlock Members plugin
* https://wordpress.org/plugins/members/
*
*/
protected function add_members_caps( &$full_list ) {
$custom_caps = array();
$custom_caps = apply_filters( 'members_get_capabilities', $custom_caps );
foreach ( $custom_caps as $cap ) {
$this->add_capability_to_full_caps_list( $cap, $full_list );
}
}
// end of add_members_caps()
/**
* Add capabilities assigned directly to user, and not included into any role
*
*/
protected function add_user_caps( &$full_list ) {
$editor = URE_Editor::get_instance();
$user = $editor->get('user_to_edit');
$roles = $editor->get('roles');
foreach( array_keys( $user->caps ) as $cap ) {
if ( !isset( $roles[$cap] ) ) { // it is the user capability, not role
$this->add_capability_to_full_caps_list( $cap, $full_list );
}
}
}
// end of add_user_caps()
/**
* Add built-in WordPress caps in case some of them were not included to the roles for some reason
*
*/
protected function add_wordpress_caps( &$full_list ) {
foreach ( array_keys( $this->built_in_wp_caps ) as $cap ) {
$this->add_capability_to_full_caps_list( $cap, $full_list );
}
}
// end of add_wordpress_caps()
protected function add_create_cap_to_admin( $post_type_name ) {
global $wp_roles;
$post_type = get_post_type_object( $post_type_name );
if ( $post_type->cap->create_posts!=='edit_'. $post_type->name .'s' ) { // 'create' capability is active
if ( !isset( $wp_roles->role_objects['administrator']->capabilities[$post_type->cap->create_posts] ) ) {
$wp_roles->role_objects['administrator']->add_cap( $post_type->cap->create_posts, true );
}
}
}
// end of add_create_caps_to_admin()
public static function add_cap_to_roles( $roles, $cap ) {
if ( !is_array( $roles ) || count( $roles )==0 ) {
return;
}
$wp_roles = wp_roles();
foreach( $roles as $role ) {
if ( isset( $wp_roles->role_objects[$role] ) &&
!isset( $wp_roles->role_objects[$role]->capabilities[$cap] ) ) {
$wp_roles->role_objects[$role]->add_cap( $cap, true );
}
}
}
// end of add_cap_to_roles()
protected function add_custom_post_type_caps( &$full_list ) {
$multisite = $this->lib->get( 'multisite' );
// admin should be capable to edit any posts
$cpt_editor_roles0 = !$multisite ? array('administrator') : array();
$capabilities = $this->lib->get_edit_post_capabilities();
$post_types = get_post_types( array(), 'objects' );
$_post_types = $this->lib->_get_post_types();
// do not forget attachment post type as it may use the own capabilities set
$attachment_post_type = get_post_type_object( 'attachment' );
if ( $attachment_post_type->cap->edit_posts!=='edit_posts' ) {
$post_types['attachment'] = $attachment_post_type;
}
foreach( $post_types as $post_type ) {
if ( !isset( $_post_types[$post_type->name] ) ) {
continue;
}
if ( !isset($post_type->cap) ) {
continue;
}
$cpt_editor_roles = apply_filters( 'ure_cpt_editor_roles', $cpt_editor_roles0, $post_type->name );
foreach( $capabilities as $capability ) {
if ( !isset( $post_type->cap->$capability ) ) {
continue;
}
$cap_to_check = $post_type->cap->$capability;
$this->add_capability_to_full_caps_list( $cap_to_check, $full_list );
self::add_cap_to_roles( $cpt_editor_roles, $cap_to_check );
}
}
$wp_roles = wp_roles();
if ( !$multisite && isset( $wp_roles->role_objects['administrator'] ) ) {
// admin should be capable to create posts and pages
foreach( array( 'post', 'page' ) as $post_type_name ) {
$this->add_create_cap_to_admin( $post_type_name );
}
}
}
// end of add_custom_post_type_caps()
protected function add_custom_taxonomies_caps( &$full_list ) {
$taxonomies = $this->lib->get_custom_taxonomies( 'objects' );
if ( empty( $taxonomies ) ) {
return;
}
$multisite = $this->lib->get( 'multisite' );
// admin should be capable to edit any taxonomy
$cpt_editor_roles0 = !$multisite ? array('administrator') : array();
$caps_to_check = array('manage_terms', 'edit_terms', 'delete_terms', 'assign_terms');
foreach( $taxonomies as $taxonomy ) {
$cpt_editor_roles = apply_filters( 'ure_cpt_editor_roles', $cpt_editor_roles0, $taxonomy->name );
foreach( $caps_to_check as $capability ) {
$cap_to_check = $taxonomy->cap->$capability;
$this->add_capability_to_full_caps_list( $cap_to_check, $full_list );
self::add_cap_to_roles( $cpt_editor_roles, $cap_to_check );
}
}
}
// end of add_custom_taxonomies_caps()
/**
* Add capabilities for URE permissions system in case some were excluded from Administrator role
*
*/
protected function add_ure_caps( &$full_list ) {
$key_cap = URE_Own_Capabilities::get_key_capability();
if ( !current_user_can( $key_cap ) ) {
return;
}
$ure_caps = URE_Own_Capabilities::get_caps();
foreach(array_keys($ure_caps) as $cap) {
$this->add_capability_to_full_caps_list( $cap, $full_list );
}
}
// end of add_ure_caps()
// Under the single site WordPress installation administrator role should have all existing capabilities included
protected function grant_all_caps_to_admin( $full_list ) {
$multisite = $this->lib->get( 'multisite' );
if ( $multisite ) {
// There is a superadmin user under WP multisite, so single site administrator role may do not have full list of capabilities.
return;
}
$wp_roles = wp_roles();
if ( !isset( $wp_roles->role_objects['administrator'] ) ) {
return;
}
// Use this filter as the last chance to stop this
$grant = apply_filters('ure_grant_all_caps_to_admin', true );
if ( empty( $grant) ) {
return;
}
$admin_role = $wp_roles->role_objects['administrator'];
$updated = false;
foreach( $full_list as $capability ) {
$cap = $capability['inner'];
if ( !$admin_role->has_cap( $cap ) ) {
$admin_role->add_cap( $cap );
$updated = true;
}
}
if ( $updated ) { // Flush the changes to the database
$use_db = $wp_roles->use_db;
$wp_roles->use_db = true;
$admin_role->add_cap('read'); // administrator always should can 'read'
$wp_roles->use_db = $use_db;
}
}
// end of grant_all_caps_to_admin()
public function init_full_list( $ure_object ) {
$full_list = array();
$this->add_roles_caps( $full_list );
$this->add_gravity_forms_caps( $full_list );
$this->add_bbpress_caps( $full_list );
$this->add_members_caps( $full_list );
if ($ure_object=='user') {
$this->add_user_caps( $full_list );
}
$this->add_wordpress_caps( $full_list );
$this->add_custom_post_type_caps( $full_list );
$this->add_custom_taxonomies_caps( $full_list );
$this->add_ure_caps( $full_list );
asort( $full_list );
$full_list = apply_filters('ure_full_capabilites', $full_list );
$this->grant_all_caps_to_admin( $full_list );
return $full_list;
}
// end of init_full_list();
/**
* Build full capabilities list from all roles
*/
private function get_full_caps_list_from_roles() {
$wp_roles = wp_roles();
// build full capabilities list from all roles
$full_caps_list = array();
foreach ( $wp_roles->roles as $role ) {
// validate if capabilities is an array
if ( isset( $role['capabilities'] ) && is_array( $role['capabilities'] ) ) {
foreach ( $role['capabilities'] as $capability => $value ) {
if ( !isset( $full_caps_list[$capability] ) ) {
$full_caps_list[$capability] = true;
}
}
}
}
return $full_caps_list;
}
// end of get_full_caps_list_from_roles()
/**
* Returns array of WPBakery Visual Composer plugin capabilities
* extracted by 'vc_access_rules_' prefix
*/
protected function get_visual_composer_caps($full_caps_list) {
$caps = array();
foreach( array_keys( $full_caps_list ) as $cap ) {
if ( strpos( $cap, 'vc_access_rules_')!==false ) {
$caps[$cap] = 1;
}
}
return $caps;
}
// end of get_visual_composer_caps()
/**
* return the array of unused user capabilities
*
* @global WP_Roles $wp_roles
* @return array
*/
public function get_caps_to_remove() {
$wp_roles = wp_roles();
$full_caps_list = $this->get_full_caps_list_from_roles();
$caps_to_exclude = $this->built_in_wp_caps;
$ure_caps = URE_Own_Capabilities::get_caps();
$visual_composer_caps = $this->get_visual_composer_caps($full_caps_list);
$caps_to_exclude = ure_array_merge($caps_to_exclude, $ure_caps, $visual_composer_caps);
$caps_to_remove = array();
$caps = array_keys( $full_caps_list );
foreach ( $caps as $cap ) {
if ( isset( $caps_to_exclude[$cap] ) ) { // do not touch built-in WP caps, URE own caps and Visual Composer caps
continue;
}
// check roles
$cap_in_use = false;
foreach ( $wp_roles->role_objects as $wp_role ) {
if ( $wp_role->name === 'administrator' ) {
continue;
}
if ( $wp_role->has_cap( $cap ) ) {
$cap_in_use = true;
break;
}
}
if ( !$cap_in_use ) {
$caps_to_remove[$cap] = 1;
}
} // foreach(...)
return $caps_to_remove;
}
// end of get_caps_to_remove()
/**
* Prevent cloning of the instance of the *Singleton* instance.
*
* @return void
*/
public function __clone() {
throw new \Exception('Do not clone a singleton instance.');
}
// end of __clone()
/**
* Prevent unserializing of the *Singleton* instance.
*
* @return void
*/
public function __wakeup() {
throw new \Exception('Do not unserialize a singleton instance.');
}
// end of __wakeup()
}
// end of URE_Capabilities class

240
wp/wp-content/plugins/user-role-editor/includes/classes/capability.php Normal file
View File

@@ -0,0 +1,240 @@
<?php
/**
* Class to work with user capability
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulya <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2021, Vladimir Garagulya
**/
class URE_Capability {
public static function escape( $cap_id ) {
$search = array(' ', '/', '|', '{', '}', '$');
$replace = array('_', '_', '_', '_', '_', '_');
$cap_id_esc = str_replace( $search, $replace, $cap_id );
return $cap_id_esc;
}
// end escape()
// Sanitize user input for security
// do not allow to use internally used capabilities
public static function validate( $cap_id_raw ) {
$match = array();
$found = preg_match('/[A-Za-z0-9_\-]*/', $cap_id_raw, $match );
if ( !$found || ($found && ( $match[0]!=$cap_id_raw ) ) ) { // some non-alphanumeric charactes found!
$data = array(
'result'=>false,
'message'=>esc_html__('Error: Capability name must contain latin characters and digits only!', 'user-role-editor'),
'cap_id'=>''
);
return $data;
}
$cap_id = strtolower( $match[0] );
if ( $cap_id=='do_not_allow' ) {
$data = array(
'result'=>false,
'message'=>esc_html__('Error: this capability is used internally by WordPress', 'user-role-editor'),
'cap_id'=>'do_not_allow'
);
return $data;
}
if ( $cap_id=='administrator' ) {
$data = array(
'result'=>false,
'message'=>esc_html__('Error: this word is used by WordPress as a role ID', 'user-role-editor'),
'cap_id'=>'administrator'
);
return $data;
}
$data = array(
'result'=>true,
'message'=>'Success',
'cap_id'=>$cap_id
);
return $data;
}
// end of validate()
/**
* Add new user capability
*
* @global WP_Roles $wp_roles
* @return string
*/
public static function add( $ure_object ) {
global $wp_roles;
$response = array(
'result'=>'error',
'capability_id'=>'',
'html'=>'',
'message'=>''
);
if ( !current_user_can( 'ure_create_capabilities' ) ) {
$response['message'] = esc_html__( 'Insufficient permissions to work with User Role Editor', 'user-role-editor' );
return $response;
}
$mess = '';
if ( !isset( $_POST['capability_id'] ) || empty( $_POST['capability_id'] ) ) {
$response['message'] = esc_html__( 'Wrong Request', 'user-role-editor' );
return $response;
}
$data = self::validate( $_POST['capability_id'] );
if ( !$data['result'] ) {
$response['message'] = $data['message'];
return $response;
}
$cap_id = $data['cap_id'];
$lib = URE_Lib::get_instance();
$full_capabilities = $lib->init_full_capabilities( $ure_object );
if ( !isset( $full_capabilities[$cap_id] ) ) {
$admin_role = $lib->get_admin_role();
$use_db = $wp_roles->use_db;
$wp_roles->use_db = true;
$wp_roles->add_cap( $admin_role, $cap_id );
$wp_roles->use_db = $use_db;
$response['result'] = 'success';
$response['message'] = sprintf( esc_html__( 'Capability %s was added successfully', 'user-role-editor' ), $cap_id );
} else {
$response['message'] = sprintf( esc_html__( 'Capability %s exists already', 'user-role-editor' ), $cap_id );
}
return $response;
}
// end of add()
/**
* Extract capabilities selected for deletion from the $_POST global
*
* @return array
*/
private static function get_caps_for_deletion_from_post( $caps_allowed_to_remove ) {
if ( isset( $_POST['values'] ) ) {
$input_buff = $_POST['values'];
} else {
$input_buff = $_POST;
}
$caps = array();
foreach( $input_buff as $key=>$value ) {
if ( substr( $key, 0, 3 )!=='rm_' ) {
continue;
}
if ( !isset( $caps_allowed_to_remove[$value]) ) {
continue;
}
$caps[] = $value;
}
return $caps;
}
// end of get_caps_for_deletion_from_post()
private static function revoke_caps_from_user( $user_id, $caps ) {
$user = get_user_to_edit( $user_id );
foreach( $caps as $cap_id ) {
if ( !isset( $user->caps[$cap_id] ) ) {
continue;
}
// Prevent sudden revoke role 'administrator' from a user during 'administrator' capability deletion.
if ( $cap_id=='administrator') {
continue;
}
$user->remove_cap( $cap_id );
}
}
// end of revoke_caps_from_user()
private static function revoke_caps_from_role( $wp_role, $caps ) {
foreach( $caps as $cap_id ) {
if ( $wp_role->has_cap( $cap_id ) ) {
$wp_role->remove_cap( $cap_id );
}
}
}
// end of revoke_caps_from_role()
private static function revoke_caps( $caps ) {
global $wpdb, $wp_roles;
// remove caps from users
$users_ids = $wpdb->get_col("SELECT $wpdb->users.ID FROM $wpdb->users");
foreach ( $users_ids as $user_id ) {
self::revoke_caps_from_user( $user_id, $caps );
}
// remove caps from roles
foreach ( $wp_roles->role_objects as $wp_role ) {
self::revoke_caps_from_role( $wp_role, $caps );
}
}
// end of revoke_caps()
/**
* Delete capability
*
* @global WP_Roles $wp_roles
* @return string - information message
*/
public static function delete() {
if ( !current_user_can( 'ure_delete_capabilities' ) ) {
return esc_html__( 'Insufficient permissions to work with User Role Editor','user-role-editor' );
}
$capabilities = URE_Capabilities::get_instance();
$mess = '';
$caps_allowed_to_remove = $capabilities->get_caps_to_remove();
if ( !is_array( $caps_allowed_to_remove ) || count( $caps_allowed_to_remove )==0 ) {
return esc_html__( 'There are no capabilities available for deletion!', 'user-role-editor' );
}
$caps = self::get_caps_for_deletion_from_post( $caps_allowed_to_remove );
if ( empty( $caps ) ) {
return esc_html__( 'There are no capabilities available for deletion!', 'user-role-editor' );
}
self::revoke_caps( $caps );
if ( count( $caps )==1 ) {
$mess = sprintf( esc_html__( 'Capability %s was removed successfully', 'user-role-editor' ), $caps[0] );
} else {
$lib = URE_Lib::get_instance();
$short_list_str = $lib->get_short_list_str( $caps );
$mess = count( $caps ) .' '. esc_html__( 'capabilities were removed successfully', 'user-role-editor' ) .': '.
$short_list_str;
}
// Escape every capability ID to remove from the HTML markup related div by ID
$esc_caps = array();
foreach( $caps as $key=>$cap ) {
$esc_caps[$key] = self::escape( $cap );
}
return array('message'=>$mess, 'deleted_caps'=>$esc_caps);
}
// end of delete()
}
// end of class URE_Capability

1646
wp/wp-content/plugins/user-role-editor/includes/classes/editor.php Normal file
View File

File diff suppressed because it is too large Load Diff

495
wp/wp-content/plugins/user-role-editor/includes/classes/grant-roles.php Normal file
View File

@@ -0,0 +1,495 @@
<?php
/**
* Project: User Role Editor plugin
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://www.role-editor.com
* License: GPL v2+
*
* Assign multiple roles to the list of selected users directly from the "Users" page
* Grant/Revoke single role to/from selected users
*/
class URE_Grant_Roles {
const NO_ROLE_FOR_THIS_SITE = 'no-role-for-this-site';
private $lib = null;
private static $counter = 0;
public function __construct() {
$this->lib = URE_Lib::get_instance();
add_action( 'load-users.php', array( $this, 'load' ) );
}
// end of __construct()
public function load() {
add_action('restrict_manage_users', array($this, 'show_roles_manage_html') );
add_action('admin_head', array(User_Role_Editor::get_instance(), 'add_css_to_users_page') );
add_action('admin_enqueue_scripts', array($this, 'load_js') );
$this->update_roles();
}
// end of load()
private static function validate_users($users) {
if (!is_array($users)) {
return false;
}
foreach ($users as $user_id) {
if (!is_numeric($user_id)) {
return false;
}
if ( !current_user_can( 'promote_user', $user_id ) ) {
return false;
}
if ( is_multisite() && !is_user_member_of_blog( $user_id ) ) {
return false;
}
}
return true;
}
// end of validate_users()
private function add_role( $users ) {
if ( !empty( $_REQUEST['ure_add_role'] ) ) {
$role = $_REQUEST['ure_add_role'];
} else {
$role = $_REQUEST['ure_add_role_2'];
}
if ( !self::validate_roles( array($role=>$role) ) ) {
return;
}
$done = false;
foreach( $users as $user_id ) {
$user = get_user_by( 'id', $user_id );
if (empty( $user ) ) {
continue;
}
if ( empty($user->roles) || !in_array( $role, $user->roles ) ) {
$user->add_role( $role );
$done = true;
}
}
if ( $done ) {
// Redirect to the users screen.
if ( wp_redirect( add_query_arg( 'update', 'promote', 'users.php' ) ) ) {
exit;
}
}
}
// end of add_role()
private function is_try_remove_admin_from_himself( $user_id, $role) {
$result = false;
$current_user = wp_get_current_user();
$wp_roles = wp_roles();
$role_caps = array_keys( $wp_roles->roles[$role]['capabilities'] );
$is_current_user = ( $user_id == $current_user->ID );
$role_can_promote = in_array('promote_users', $role_caps);
$can_manage_network = is_multisite() && current_user_can( 'manage_network_users' );
// If the removed role has the `promote_users` cap and user is removing it from himself
if ( $is_current_user && $role_can_promote && !$can_manage_network ) {
$result = true;
// Loop through the current user's roles.
foreach ($current_user->roles as $_role) {
$_role_caps = array_keys( $wp_roles->roles[$_role]['capabilities'] );
// If the current user has another role that can promote users, it's safe to remove the role. Else, the current user should to keep this role.
if ( ($role!==$_role) && in_array( 'promote_users', $_role_caps ) ) {
$result = false;
break;
}
}
}
return $result;
}
private function revoke_role( $users ) {
if ( !empty( $_REQUEST['ure_revoke_role'] ) ) {
$role = $_REQUEST['ure_revoke_role'];
} else {
$role = $_REQUEST['ure_revoke_role_2'];
}
if ( !self::validate_roles( array($role=>$role) ) ) {
return;
}
$done = false;
foreach( $users as $user_id ) {
$user = get_user_by( 'id', $user_id );
if (empty( $user ) ) {
continue;
}
if ($this->is_try_remove_admin_from_himself( $user_id, $role ) ) {
continue;
}
if ( is_array($user->roles) && in_array( $role, $user->roles ) ) {
$user->remove_role( $role );
$done = true;
}
}
if ( $done ) {
if ( wp_redirect( add_query_arg( 'update', 'promote', 'users.php' ) ) ) {
exit;
}
}
}
// end of revoke_role()
private function update_roles() {
if ( empty( $_REQUEST['users'] ) ) {
return;
}
if ( !current_user_can('promote_users') ) {
return;
}
$users = (array) $_REQUEST['users'];
if ( !self::validate_users( $users ) ) {
return;
}
if ( ( !empty( $_REQUEST['ure_add_role'] ) && !empty( $_REQUEST['ure_add_role_submit']) ) ||
( !empty( $_REQUEST['ure_add_role_2'] ) && !empty( $_REQUEST['ure_add_role_submit_2'] ) ) ) {
$this->add_role( $users );
} else if ( ( !empty( $_REQUEST['ure_revoke_role'] ) && !empty( $_REQUEST['ure_revoke_role_submit'] ) ) ||
( !empty( $_REQUEST['ure_revoke_role_2'] ) && !empty( $_REQUEST['ure_revoke_role_submit_2'] ) ) ) {
$this->revoke_role( $users );
}
}
// end of update_roles()
private static function validate_roles($roles) {
if (!is_array($roles)) {
return false;
}
$lib = URE_Lib::get_instance();
$editable_roles = $lib->get_all_editable_roles();
$valid_roles = array_keys($editable_roles);
foreach($roles as $role) {
if (!in_array($role, $valid_roles)) {
return false;
}
}
return true;
}
// end of validate_roles()
private static function grant_primary_role_to_user($user_id, $role) {
$user = get_user_by('id', $user_id);
if (empty($user)) {
return;
}
if ($role===self::NO_ROLE_FOR_THIS_SITE) {
$role = '';
}
$old_roles = $user->roles; // Save currently granted roles to restore from them the bbPress roles later if there are any...
$user->set_role($role);
$lib = URE_Lib::get_instance();
$bbpress = $lib->get('bbpress');
if (empty($bbpress)) {
return;
}
$bbp_roles = $bbpress->extract_bbp_roles($old_roles);
if (count($bbp_roles)>0) { // restore bbPress roles
foreach($bbp_roles as $role) {
$user->add_role($role);
}
}
}
// end of grant_primary_role_to_user()
private static function grant_other_roles_to_user($user_id, $roles) {
$user = get_user_by('id', $user_id);
if (empty($user)) {
return;
}
$roles_list = array_values( $user->roles );
$primary_role = array_shift( $roles_list ); // Get the 1st element from the roles array
$lib = URE_Lib::get_instance();
$bbpress = $lib->get( 'bbpress' );
if ( empty( $bbpress ) ) {
$bbp_roles = array();
} else {
$bbp_roles = $bbpress->extract_bbp_roles( $user->roles );
}
$user->remove_all_caps();
$roles2 = ure_array_merge( array( $primary_role ), $bbp_roles, $roles );
foreach( $roles2 as $role ) {
$user->add_role( $role );
}
}
// end of grant_other_roles_to_user()
/**
* Decide if primary role should be granted or left as it is
*
* @param string $primary_role
* @return boolean
*/
private static function is_select_primary_role($primary_role) {
if (empty($primary_role)) {
return false; // Primary role was not selected by user, leave an older one
}
$lib = URE_Lib::get_instance();
if ($lib->is_super_admin()) {
$select_primary_role = true;
} else {
$select_primary_role = apply_filters('ure_users_select_primary_role', true);
}
return $select_primary_role;
}
// end of is_select_primary_role()
public static function grant_roles() {
if ( !current_user_can('promote_users') ) {
$answer = array('result'=>'error', 'message'=>esc_html__('Not enough permissions', 'user-role-editor'));
return $answer;
}
$users = $_POST['users'];
if (!self::validate_users($users)) {
$answer = array('result'=>'error', 'message'=>esc_html__('Can not edit user or invalid data at the users list', 'user-role-editor'));
return $answer;
}
// Primary role
$primary_role = $_POST['primary_role'];
if (!empty($primary_role) && ($primary_role!==self::NO_ROLE_FOR_THIS_SITE) &&
!self::validate_roles(array($primary_role=>$primary_role))) {
$answer = array('result'=>'error', 'message'=>esc_html__('Invalid primary role', 'user-role-editor'));
return $answer;
}
if (self::is_select_primary_role($primary_role)) {
foreach ($users as $user_id) {
self::grant_primary_role_to_user($user_id, $primary_role);
}
}
// Other roles
$other_roles = isset($_POST['other_roles']) ? $_POST['other_roles'] : null;
if (!empty($other_roles) && !self::validate_roles($other_roles)) {
$answer = array('result'=>'error', 'message'=>esc_html__('Invalid data at the other roles list', 'user-role-editor'));
return $answer;
}
if (!empty($other_roles)) {
foreach($users as $user_id) {
self::grant_other_roles_to_user($user_id, $other_roles);
}
}
$answer = array('result'=>'success', 'message'=>esc_html__('Roles were granted to users successfully', 'user-role-editor'));
return $answer;
}
// end of grant_roles()
public static function get_user_roles() {
if ( !current_user_can( 'promote_users' ) ) {
$answer = array('result'=>'error', 'message'=>esc_html__('Not enough permissions', 'user-role-editor'));
return $answer;
}
$lib = URE_Lib::get_instance();
$user_id = (int) $lib->get_request_var('user_id', 'post', 'int');
if (empty($user_id)) {
$answer = array('result'=>'error', 'message'=>esc_html__('Wrong request, valid user ID was missed', 'user-role-editor'));
return $answer;
}
$user = get_user_by('id', $user_id);
if (empty($user)) {
$answer = array('result'=>'error', 'message'=>esc_html__('Requested user does not exist', 'user-role-editor'));
return $answer;
}
$other_roles = array_values($user->roles);
$primary_role = array_shift($other_roles);
$answer = array('result'=>'success', 'primary_role'=>$primary_role, 'other_roles'=>$other_roles, 'message'=>'User roles were sent');
return $answer;
}
// end of get_user_roles()
private function select_primary_role_html() {
$select_primary_role = apply_filters('ure_users_select_primary_role', true);
if (!$select_primary_role && !$this->lib->is_super_admin()) {
return;
}
?>
<span style="font-weight: bold;">
<?php esc_html_e('Primary Role: ', 'role-editor');?>
</span>
<select name="primary_role" id="primary_role">
<?php
// print the full list of roles with the primary one selected.
wp_dropdown_roles('');
echo '<option value="'. self::NO_ROLE_FOR_THIS_SITE .'">' . esc_html__('&mdash; No role for this site &mdash;') . '</option>'. PHP_EOL;
?>
</select>
<hr/>
<?php
}
// end of select_primary_role_html()
private function select_other_roles_html() {
?>
<div id="other_roles_container">
<span style="font-weight: bold;">
<?php
esc_html_e('Other Roles: ', 'role-editor');
?>
</span><br>
<?php
$show_admin_role = $this->lib->show_admin_role_allowed();
$roles = $this->lib->get_all_editable_roles();
foreach ($roles as $role_id => $role) {
if (!$show_admin_role && $role_id=='administrator') {
continue;
}
echo '<label for="wp_role_' . $role_id . '"><input type="checkbox" id="wp_role_' . $role_id .
'" name="ure_roles[]" value="' . $role_id . '" />&nbsp;' .
esc_html__($role['name'], 'user-role-editor') .' ('. $role_id .')</label><br />'. PHP_EOL;
}
?>
</div>
<?php
}
// end of select_other_roles_html()
private function get_roles_options_list() {
ob_start();
wp_dropdown_roles();
$output = ob_get_clean();
return $output;
}
// end of get_roles_options_list()
public function show_roles_manage_html() {
if ( !current_user_can( 'promote_users' ) ) {
return;
}
$button_number = (self::$counter>0) ? '_2': '';
$roles_options_list = self::get_roles_options_list();
?>
&nbsp;&nbsp;
<input type="button" name="ure_grant_roles<?php echo $button_number;?>" id="ure_grant_roles<?php echo $button_number;?>" class="button"
value="<?php esc_html_e('Grant Roles', 'user-role-editor');?>">
&nbsp;&nbsp;
<label class="screen-reader-text" for="ure_add_role<?php echo $button_number;?>"><?php esc_html_e( 'Add role&hellip;', 'user-role-editor' ); ?></label>
<select name="ure_add_role<?php echo $button_number;?>" id="ure_add_role<?php echo $button_number;?>" style="display: inline-block; float: none;">
<option value=""><?php esc_html_e( 'Add role&hellip;', 'user-role-editor' ); ?></option>
<?php echo $roles_options_list; ?>
</select>
<?php submit_button( esc_html__( 'Add', 'user-role-editor' ), 'secondary', 'ure_add_role_submit'.$button_number, false ); ?>
&nbsp;&nbsp;
<label class="screen-reader-text" for="ure_revoke_role<?php echo $button_number;?>"><?php esc_html_e( 'Revoke role&hellip;', 'user-role-editor' ); ?></label>
<select name="ure_revoke_role<?php echo $button_number;?>" id="ure_revoke_role<?php echo $button_number;?>" style="display: inline-block; float: none;">
<option value=""><?php esc_html_e( 'Revoke role&hellip;', 'user-role-editor' ); ?></option>
<?php echo $roles_options_list; ?>
</select>
<?php submit_button( esc_html__( 'Revoke', 'user-role-editor' ), 'secondary', 'ure_revoke_role_submit'.$button_number, false ); ?>
<?php
if (self::$counter==0) {
?>
<div id="ure_grant_roles_dialog" class="ure-dialog">
<div id="ure_grant_roles_content">
<?php
$this->select_primary_role_html();
$this->select_other_roles_html();
?>
</div>
</div>
<?php
URE_View::output_task_status_div();
self::$counter++;
}
}
// end of show_grant_roles_html()
public function load_js() {
$show_wp_change_role = apply_filters('ure_users_show_wp_change_role', true);
wp_enqueue_script('jquery-ui-dialog', '', array('jquery-ui-core','jquery-ui-button', 'jquery'), false, true );
wp_register_script('ure-users-grant-roles', plugins_url('/js/users-grant-roles.js', URE_PLUGIN_FULL_PATH ), array(), URE_VERSION, true );
wp_enqueue_script('ure-users-grant-roles');
wp_localize_script('ure-users-grant-roles', 'ure_users_grant_roles_data', array(
'wp_nonce' => wp_create_nonce('user-role-editor'),
'dialog_title'=> esc_html__('Grant roles to selected users', 'user-role-editor'),
'select_users_first' => esc_html__('Select users to which you wish to grant roles!', 'user-role-editor'),
'select_roles_first' => esc_html__('Select role(s) which you wish to grant!', 'user-role-editor'),
'show_wp_change_role' => $show_wp_change_role ? 1: 0
));
}
// end of load_js()
}
// end of URE_Grant_Roles class

89
wp/wp-content/plugins/user-role-editor/includes/classes/known-js-css-compatibility-issues.php Normal file
View File

@@ -0,0 +1,89 @@
<?php
class URE_Known_JS_CSS_Compatibility_Issues {
public static function fix($hook_suffix, $ure_hook_suffixes) {
$ure_hook_suffixes[] = 'users.php';
$ure_hook_suffixes[] = 'profile.php';
if (!in_array($hook_suffix, $ure_hook_suffixes)) {
return;
}
self::unload_techgostore($hook_suffix);
self::unload_musicplay($hook_suffix);
self::unload_conflict_plugins_css($hook_suffix);
}
// end of fix()
/**
* Unload WP TechGoStore theme JS and CSS to exclude compatibility issues with URE
*/
private static function unload_techgostore($hook_suffix) {
if (!defined('THEME_SLUG') || THEME_SLUG !== 'techgo_') {
return;
}
wp_deregister_script('jqueryform');
wp_deregister_script('tab');
wp_deregister_script('shortcode_js');
wp_deregister_script('fancybox_js');
wp_deregister_script('bootstrap-colorpicker');
wp_deregister_script('logo_upload');
wp_deregister_script('js_wd_menu_backend');
wp_deregister_style('config_css');
wp_deregister_style('fancybox_css');
wp_deregister_style('colorpicker');
wp_deregister_style('font-awesome');
wp_deregister_style('css_wd_menu_backend');
}
// end of unload_techgostore()
/**
* Unload MusicPlay theme CSS to exclude compatibility issues with URE
*
*/
private static function unload_musicplay($hook_suffix) {
if (!in_array($hook_suffix, array('users.php', 'profile.php')) ) {
return;
}
if (defined('THEMENAME') && THEMENAME!=='MusicPlay') {
return;
}
wp_deregister_style('atpadmin');
wp_deregister_style('appointment-style');
wp_deregister_style('atp-chosen');
wp_deregister_style('atp_plupload');
wp_deregister_style('atp-jquery-timepicker-addon');
wp_deregister_style('atp-jquery-ui');
}
// end of unload_music_play()
private static function unload_conflict_plugins_css($hook_suffix) {
global $wp_styles;
if (!in_array($hook_suffix, array('users.php', 'profile.php')) ) {
return;
}
// remove conflict CSS from responsive-admin-maintenance-pro plugin
if (isset($wp_styles->registered['admin-page-css'])) {
wp_deregister_style('admin-page-css');
}
}
// end of unload_conflict_plugins_css()
}
// end of URE_Fix_Known_JS_CSS_Compatibility_Issues

590
wp/wp-content/plugins/user-role-editor/includes/classes/lib.php Normal file
View File

@@ -0,0 +1,590 @@
<?php
/*
* Stuff specific for User Role Editor WordPress plugin
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://www.role-editor.com
*
*/
/**
* This class contains general stuff for usage at WordPress plugins
*/
class URE_Lib extends URE_Base_Lib {
const TRANSIENT_EXPIRATION = 600;
protected $wp_default_role = '';
protected $advert = null;
protected $bbpress = null; // reference to the URE_bbPress class instance
protected $key_capability = ''; // Key user capability for get full access to the User Role Editor
protected $settings_capability = ''; // User capability for access to User Role Editor Settings
// when allow_edit_users_to_not_super_admin option is turned ON, we set this property to true
// when we raise single site admin permissions up to the superadmin for the 'Add new user' new-user.php page
// User_Role_Editor::allow_add_user_as_superadmin()
protected $raised_permissions = false;
// roles sorting order: false - do not sort, 'id' - by role ID, 'name' - by role name
protected $roles_sorting_order = false;
protected $debug = false;
/** class constructor
*
* @param string $options_id
*
*/
protected function __construct($options_id) {
parent::__construct($options_id);
$this->debug = defined('URE_DEBUG') && (URE_DEBUG==1 || URE_DEBUG==true);
$this->get_bbpress();
$this->upgrade();
}
// end of __construct()
public function get_bbpress() {
if ($this->bbpress===null) {
$this->bbpress = new URE_bbPress();
}
return $this->bbpress;
}
// end of get_bbpress()
public static function get_instance($options_id = '') {
if (self::$instance === null) {
if (empty($options_id)) {
throw new Exception('URE_Lib::get_instance() - Error: plugin options ID string is required');
}
// new static() will work too
self::$instance = new URE_Lib($options_id);
}
return self::$instance;
}
// end of get_instance()
protected function upgrade() {
if (!is_admin()) {
return;
}
$ure_version = $this->get_option('ure_version', '0');
if (version_compare( $ure_version, URE_VERSION, '<' ) ) {
// put version upgrade stuff here
$this->put_option('ure_version', URE_VERSION, true);
}
}
// end of upgrade()
/**
* Is this the Pro version?
* @return boolean
*/
public function is_pro() {
return false;
}
// end of is_pro()
public function set_raised_permissions($value) {
$this->raised_permissions = !empty($value) ? true : false;
}
// end of set_raised_permissions()
/**
* get options for User Role Editor plugin
* User Role Editor stores its options at the main blog/site only and applies them to the all network
*
*/
protected function init_options($options_id) {
global $wpdb;
if ($this->multisite) {
if ( ! function_exists( 'is_plugin_active_for_network' ) ) { // Be sure the function is defined before trying to use it
require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
}
$this->active_for_network = is_plugin_active_for_network(URE_PLUGIN_BASE_NAME);
}
$current_blog = $wpdb->blogid;
if ($this->multisite && $current_blog!=$this->main_blog_id) {
if ($this->active_for_network) { // plugin is active for whole network, so get URE options from the main blog
switch_to_blog($this->main_blog_id);
}
}
$this->options_id = $options_id;
$this->options = get_option($options_id);
if ($this->multisite && $current_blog!=$this->main_blog_id) {
if ($this->active_for_network) { // plugin is active for whole network, so return back to the current blog
restore_current_blog();
}
}
}
// end of init_options()
/**
* saves options array into WordPress database wp_options table
*/
public function flush_options() {
global $wpdb;
$current_blog = $wpdb->blogid;
if ($this->multisite && $current_blog!==$this->main_blog_id) {
if ($this->active_for_network) { // plugin is active for whole network, so get URE options from the main blog
switch_to_blog($this->main_blog_id); // in order to save URE options to the main blog
}
}
update_option($this->options_id, $this->options);
if ($this->multisite && $current_blog!==$this->main_blog_id) {
if ($this->active_for_network) { // plugin is active for whole network, so return back to the current blog
restore_current_blog();
}
}
}
// end of flush_options()
public function get_main_blog_id() {
return $this->main_blog_id;
}
/**
* Checks if user is allowed to use User Role Editor
*
* @param int $user_id
* @return boolean true
*/
public function user_is_admin($user_id = false) {
if (empty($user_id)) {
$user_id = get_current_user_id();
}
if ( $this->is_super_admin( $user_id ) ) {
return true;
}
$ure_key_capability = URE_Own_Capabilities::get_key_capability();
$user = get_userdata( $user_id );
$result = !empty( $user->allcaps[ $ure_key_capability ] );
return $result;
}
// end of user_is_admin()
/**
* return array with WordPress user roles
*
* @global WP_Roles $wp_roles
* @global type $wp_user_roles
* @return array
*/
public function get_user_roles() {
$bbpress = $this->get_bbpress();
if ($bbpress->is_active()) { // bbPress plugin is active
$roles = $bbpress->get_roles();
} else {
$wp_roles = wp_roles();
$roles = $wp_roles->roles;
}
return $roles;
}
// end of get_user_roles()
/**
* Respect 'editable_roles' filter, when needed
* @return array
*/
public function get_editable_user_roles( $roles = array() ) {
if ( empty( $roles ) ) {
$roles = $this->get_user_roles();
}
$bbpress = $this->get_bbpress();
if ($bbpress->is_active()) {
remove_filter('editable_roles', 'bbp_filter_blog_editable_roles');
}
$roles = apply_filters('editable_roles', $roles );
if ( $bbpress->is_active() ) {
add_filter('editable_roles', 'bbp_filter_blog_editable_roles');
}
return $roles;
}
// end of get_editable_user_roles()
/**
* return array of built-in WP capabilities (WP 3.1 wp-admin/includes/schema.php)
*
* @return array
*/
public function get_built_in_wp_caps() {
$caps_groups = URE_Capabilities_Groups_Manager::get_instance();
$caps = $caps_groups->get_built_in_wp_caps();
return $caps;
}
// end of get_built_in_wp_caps()
/**
* Return all available post types except non-public WordPress built-in post types
*
* @return array
*/
public function _get_post_types() {
$all_post_types = get_post_types();
$internal_post_types = get_post_types(array('public'=>false, '_builtin'=>true));
$post_types = array_diff($all_post_types, $internal_post_types);
return $post_types;
}
// end of _get_post_types()
public function get_edit_post_capabilities() {
$capabilities = array(
'create_posts',
'edit_posts',
'edit_published_posts',
'edit_others_posts',
'edit_private_posts',
'publish_posts',
'read_private_posts',
'delete_posts',
'delete_private_posts',
'delete_published_posts',
'delete_others_posts'
);
return $capabilities;
}
// end of get_edit_post_capabilities();
public function init_full_capabilities( $ure_object ) {
$capabilities = URE_Capabilities::get_instance();
$full_list = $capabilities->init_full_list( $ure_object );
return $full_list;
}
// end of init_full_capabilities()
public function restore_after_blog_switching($blog_id = 0) {
if (!empty($blog_id)) {
switch_to_blog($blog_id);
}
// cleanup blog switching data
$GLOBALS['_wp_switched_stack'] = array();
$GLOBALS['switched'] = ! empty( $GLOBALS['_wp_switched_stack'] );
}
// end of restore_after_blog_switching()
/**
* Returns administrator role ID
*
* @return string
*/
public function get_admin_role() {
$roles = $this->get_user_roles();
if (isset($roles['administrator'])) {
$admin_role_id = 'administrator';
} else {
// go through all roles and select one with max quant of capabilities included
$max_caps = -1;
$admin_role_id = '';
foreach(array_keys($roles) as $role_id) {
$caps = count($roles[$role_id]['capabilities']);
if ($caps>$max_caps) {
$max_caps = $caps;
$admin_role_id = $role_id;
}
}
}
return $admin_role_id;
}
// end get_admin_role()
/**
* Returns text presentation of user roles
*
* @param type $roles user roles list
* @return string
*/
public function roles_text($roles) {
global $wp_roles;
if (is_array($roles) && count($roles) > 0) {
$role_names = array();
foreach ($roles as $role) {
if (isset($wp_roles->roles[$role])) {
$role_names[] = $wp_roles->roles[$role]['name'];
} else {
$role_names[] = $role;
}
}
$output = implode(', ', $role_names);
} else {
$output = '';
}
return $output;
}
// end of roles_text()
public function about() {
if ($this->is_pro()) {
return;
}
?>
<h2>User Role Editor</h2>
<strong><?php esc_html_e('Version:', 'user-role-editor');?></strong> <?php echo URE_VERSION; ?><br/><br/>
<a class="ure_rsb_link" style="background-image:url(<?php echo URE_PLUGIN_URL . 'images/vladimir.png'; ?>);" target="_blank" href="http://www.shinephp.com/"><?php _e("Author's website", 'user-role-editor'); ?></a><br/>
<a class="ure_rsb_link" style="background-image:url(<?php echo URE_PLUGIN_URL . 'images/user-role-editor-icon.png'; ?>);" target="_blank" href="https://www.role-editor.com"><?php _e('Plugin webpage', 'user-role-editor'); ?></a><br/>
<a class="ure_rsb_link" style="background-image:url(<?php echo URE_PLUGIN_URL . 'images/user-role-editor-icon.png'; ?>);" target="_blank" href="https://www.role-editor.com/download-plugin"><?php _e('Plugin download', 'user-role-editor'); ?></a><br/>
<a class="ure_rsb_link" style="background-image:url(<?php echo URE_PLUGIN_URL . 'images/changelog-icon.png'; ?>);" target="_blank" href="https://www.role-editor.com/changelog"><?php _e('Changelog', 'user-role-editor'); ?></a><br/>
<a class="ure_rsb_link" style="background-image:url(<?php echo URE_PLUGIN_URL . 'images/faq-icon.png'; ?>);" target="_blank" href="http://www.shinephp.com/user-role-editor-wordpress-plugin/#faq"><?php _e('FAQ', 'user-role-editor'); ?></a><br/>
<?php
/*
<hr />
<div style="text-align: center;">
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="encrypted"
value="-----BEGIN PKCS7-----MIIHZwYJKoZIhvcNAQcEoIIHWDCCB1QCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYBME5QAQYFDddWBHA4YXI1x3dYmM77clH5s0CgokYnLVk0P8keOxMtYyNQo6xJs6pY1nJfE3tqNg8CZ3btJjmOUa6DsE+K8Nm6OxGHMQF45z8WAs+f/AvQWdSpPXD0eSMu9osNgmC3yv46hOT3B1J3rKkpeZzMThCdUfECqu+lluzELMAkGBSsOAwIaBQAwgeQGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIeMSZk/UuZnuAgcAort75TUUbtDhmdTi1N0tR9W75Ypuw5nBw01HkZFsFHoGezoT95c3ZesHAlVprhztPrizl1UzE9COQs+3p62a0o+BlxUolkqUT3AecE9qs9dNshqreSvmC8SOpirOroK3WE7DStUvViBfgoNAPTTyTIAKKX24uNXjfvx1jFGMQGBcFysbb3OTkc/B6OiU2G951U9R8dvotaE1RQu6JwaRgwA3FEY9d/P8M+XdproiC324nzFel5WlZ8vtDnMyuPxOgggOHMIIDgzCCAuygAwIBAgIBADANBgkqhkiG9w0BAQUFADCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wHhcNMDQwMjEzMTAxMzE1WhcNMzUwMjEzMTAxMzE1WjCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMFHTt38RMxLXJyO2SmS+Ndl72T7oKJ4u4uw+6awntALWh03PewmIJuzbALScsTS4sZoS1fKciBGoh11gIfHzylvkdNe/hJl66/RGqrj5rFb08sAABNTzDTiqqNpJeBsYs/c2aiGozptX2RlnBktH+SUNpAajW724Nv2Wvhif6sFAgMBAAGjge4wgeswHQYDVR0OBBYEFJaffLvGbxe9WT9S1wob7BDWZJRrMIG7BgNVHSMEgbMwgbCAFJaffLvGbxe9WT9S1wob7BDWZJRroYGUpIGRMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAIFfOlaagFrl71+jq6OKidbWFSE+Q4FqROvdgIONth+8kSK//Y/4ihuE4Ymvzn5ceE3S/iBSQQMjyvb+s2TWbQYDwcp129OPIbD9epdr4tJOUNiSojw7BHwYRiPh58S1xGlFgHFXwrEBb3dgNbMUa+u4qectsMAXpVHnD9wIyfmHMYIBmjCCAZYCAQEwgZQwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tAgEAMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xMTEyMTAwODU3MjdaMCMGCSqGSIb3DQEJBDEWBBSFh6YmkoVtYdMaDd5G6EN0dGcPpzANBgkqhkiG9w0BAQEFAASBgAB91K/+gsmpbKxILdCVXCkiOg1zSG+tfq2EZSNzf8z/R1E3HH8qPdm68OToILsgWohKFwE+RCwcQ0iq77wd0alnWoknvhBBoFC/U0yJ3XmA3Hkgrcu6yhVijY/Odmf6WWcz79/uLGkvBSECbjTY0GLxvhRlsh2nAioCfxAr1cFo-----END PKCS7-----">
<input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
</div>
*/
?>
<?php
}
// end of about()
public function show_admin_role_allowed() {
$show_admin_role = $this->get_option('show_admin_role', 0);
$show_admin_role = ((defined('URE_SHOW_ADMIN_ROLE') && URE_SHOW_ADMIN_ROLE==1) || $show_admin_role==1) && $this->user_is_admin();
return $show_admin_role;
}
// end of show_admin_role()
/**
* Returns true if user has a real super administrator permissions
* It takes into account $this->raised_permissions value, in order do not count a user with temporally raised permissions
* of a real superadmin under WP Multisite
* For WP Singlesite superadmin is a user with 'administrator' role only in opposite the WordPress's is_super_admin(),
* which counts as superadmin any user with 'delete_users' capability
*
* @param int $user_id
* @return boolean
*/
public function is_super_admin( $user_id = false ) {
if (empty($user_id)) {
$user = wp_get_current_user();
$user_id = $user->ID;
} else {
$user = get_userdata($user_id);
}
if (!$user || !$user->exists()) {
return false;
}
if ( $this->multisite && !$this->raised_permissions && is_super_admin( $user_id ) ) {
return true;
}
if (!$this->multisite && $this->user_has_role( $user, 'administrator' ) ) {
return true;
}
return false;
}
// end of is_super_admin()
public function user_has_role( $user, $role) {
if (empty($user)) {
return false;
}
if (!is_a($user, 'WP_User')) {
return false;
}
if (empty($user->roles)) {
return false;
}
if (!in_array( $role, $user->roles ) ) {
return false;
}
return true;
}
// end of user_has_role()
// Returns true for any capability if user is a real superadmin under WordPress Multisite
// Returns true if user has $capability assigned through the roles or directly
// Returns true if user has role with name equal $cap
public function user_has_capability($user, $cap) {
global $wp_roles;
if (!is_object($user) || !is_a( $user, 'WP_User') || empty($user->ID)) {
return false;
}
// Do not replace with $this->is_super_admin() to exclude recursion
if ($this->multisite && !$this->raised_permissions && is_super_admin($user->ID)) {
return true;
}
if (isset($user->caps[$cap])) {
return true;
}
foreach ($user->roles as $role) {
if ($role === $cap) {
return true;
}
if (!empty($wp_roles->roles[$role]['capabilities'][$cap])) {
return true;
}
}
return false;
}
// end of user_has_capability()
// create assign_role object
public function get_assign_role() {
$assign_role = new URE_Assign_Role();
return $assign_role;
}
// end of get_assign_role()
/**
* Compare if current URL path is equal to the required one
* if $path is empty, then just check if URL leads to wp-admin
* @param string $path
* @return boolean
*/
public function is_right_admin_path( $path='' ) {
$result = true;
$admin_url = admin_url( $path );
$parsed = wp_parse_url( $admin_url );
$full_path = $parsed['path'];
if ( stripos( $_SERVER['REQUEST_URI'], $full_path )===false ) {
$result = false;
}
return $result;
}
// end of is_right_admin_path()
public function is_wp_built_in_role( $role ) {
$wp_built_in_roles = array(
'administrator',
'editor',
'author',
'contributor',
'subscriber');
$result = in_array( $role, $wp_built_in_roles );
return $result;
}
// end of is_wp_built_in_role()
/*
* It's overriden in Pro version to add bbPress roles
*/
public function get_all_editable_roles() {
$roles = get_editable_roles(); // WordPress roles
if ( has_filter( 'editable_roles', array( User_Role_Editor::get_instance(), 'sort_wp_roles_list') ) ) {
// to show roles in the accending order
$roles = array_reverse( $roles );
}
return $roles;
}
// end of get_all_roles()
/*
* Wrapper to get_taxonomies() to get the custom taxonomies list
*/
public function get_custom_taxonomies( $output='names' ) {
$args = array(
'show_ui'=>true,
'public'=>true,
'_builtin'=>false
);
$taxonomies = get_taxonomies( $args, $output );
return $taxonomies;
}
// end of get_custom_taxonomies()
}
// end of URE_Lib class

160
wp/wp-content/plugins/user-role-editor/includes/classes/own-capabilities.php Normal file
View File

@@ -0,0 +1,160 @@
<?php
/**
* Class to provide the routine for the own User Role Editor user capabilities list
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulya <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2016, Vladimir Garagulya
**/
class URE_Own_Capabilities {
const URE_SETTINGS_CAP_TR = 'ure_settings_cap';
public static function get_caps() {
$lib = URE_Lib::get_instance();
$ure_caps = array(
'ure_edit_roles' => 1,
'ure_create_roles' => 1,
'ure_delete_roles' => 1,
'ure_create_capabilities' => 1,
'ure_delete_capabilities' => 1,
'ure_manage_options' => 1,
'ure_reset_roles' => 1
);
if ($lib->is_pro()) {
$ure_caps['ure_export_roles'] = 1;
$ure_caps['ure_import_roles'] = 1;
$ure_caps['ure_admin_menu_access'] = 1;
$ure_caps['ure_widgets_access'] = 1;
$ure_caps['ure_widgets_show_access'] = 1;
$ure_caps['ure_meta_boxes_access'] = 1;
$ure_caps['ure_other_roles_access'] = 1;
$ure_caps['ure_edit_posts_access'] = 1;
$ure_caps['ure_edit_gravityforms_access'] = 1;
$ure_caps['ure_plugins_activation_access'] = 1;
$ure_caps['ure_view_posts_access'] = 1;
$ure_caps['ure_front_end_menu_access'] = 1;
$ure_caps['ure_nav_menus_access'] = 1;
$multisite = $lib->get('multisite');
if ($multisite) {
$ure_caps['ure_themes_access'] = 1;
}
}
return $ure_caps;
}
// end of get_caps()
/**
* return key capability to have access to User Role Editor Plugin
*/
public static function get_key_capability() {
$lib = URE_Lib::get_instance();
$key_cap = $lib->get('key_capability');
if (!empty($key_cap)) {
return $key_cap;
}
$multisite = $lib->get('multisite');
if ( !$multisite ) {
$key_cap = URE_KEY_CAPABILITY;
} else {
$enable_simple_admin_for_multisite = $lib->get_option('enable_simple_admin_for_multisite', 0);
if ( ( defined('URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE') && URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE == 1 ) ||
$enable_simple_admin_for_multisite ) {
$key_cap = URE_KEY_CAPABILITY;
} else {
$key_cap = 'manage_network_plugins';
}
}
$lib->set('key_capability', $key_cap);
return $key_cap;
}
// end of get_key_capability()
/**
* Return user capability for the User Role Editor Settings page
*
* @return string
*/
public static function get_settings_capability() {
$lib = URE_Lib::get_instance();
$settings_cap = $lib->get('settings_capability');
if ( !empty( $settings_cap ) ) {
return $settings_cap;
}
$multisite = $lib->get('multisite');
if (!$multisite) {
$settings_cap = 'ure_manage_options';
} else {
$enable_simple_admin_for_multisite = $lib->get_option('enable_simple_admin_for_multisite', 0);
if ( ( defined('URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE' ) && URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE == 1 ) ||
$enable_simple_admin_for_multisite ) {
$settings_cap = 'ure_manage_options';
} else {
$settings_cap = self::get_key_capability();
}
}
$lib->set('settings_capability', $settings_cap );
return $settings_cap;
}
// end of get_settings_capability()
public static function init_caps() {
$wp_roles = wp_roles();
if ( !isset( $wp_roles->roles['administrator'] ) ) {
return;
}
$lib = URE_Lib::get_instance();
$multisite = $lib->get('multisite');
// Do not turn on URE caps for local administrator by default under multisite, as there is a superadmin.
$turn_on = !$multisite;
$old_use_db = $wp_roles->use_db;
$wp_roles->use_db = true;
$administrator = $wp_roles->role_objects['administrator'];
$ure_caps = self::get_caps();
foreach( array_keys( $ure_caps ) as $cap ) {
if ( !$administrator->has_cap( $cap ) ) {
$administrator->add_cap( $cap, $turn_on );
}
}
$wp_roles->use_db = $old_use_db;
}
// end of init_caps()
/**
* Return list of URE capabilities with data about groups they were included
*
* @return array
*/
public static function get_caps_groups() {
$ure_caps = self::get_caps();
$caps = array();
foreach( array_keys( $ure_caps ) as $ure_cap ) {
$caps[$ure_cap] = array('custom', 'user_role_editor');
}
return $caps;
}
// end of get_caps_groups()
}
// end of URE_Capabilities class

243
wp/wp-content/plugins/user-role-editor/includes/classes/protect-admin.php Normal file
View File

@@ -0,0 +1,243 @@
<?php
/*
* Main class of User Role Editor WordPress plugin
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://www.role-editor.com
* License: GPL v2+
*
*/
class URE_Protect_Admin {
private $lib = null;
private $user_to_check = null; // cached list of user IDs, who has Administrator role
public function __construct() {
global $pagenow;
$this->lib = URE_Lib::get_instance();
$this->user_to_check = array();
// Exclude administrator role from edit list.
add_filter('editable_roles', array($this, 'exclude_admin_role'));
if (in_array($pagenow, array('users.php', 'user-edit.php'))) {
// prohibit any actions with user who has Administrator role
add_filter('user_has_cap', array($this, 'not_edit_admin'), 10, 3);
}
// exclude users with 'Administrator' role from users list
add_action('pre_user_query', array($this, 'exclude_administrators'));
// do not show 'Administrator (s)' view above users list
add_filter('views_users', array($this, 'exclude_admins_view'));
}
// end of __construct()
// apply protection to the user edit pages only
protected function is_protection_applicable() {
global $pagenow;
$result = false;
$pages_to_block = array('profile.php', 'users.php', 'user-new.php', 'user-edit.php');
if (in_array($pagenow, $pages_to_block)) {
$result = true;
}
return $result;
}
// end of is_protection_applicable()
/**
* exclude administrator role from the roles list
*
* @param string $roles
* @return array
*/
public function exclude_admin_role( $roles ) {
if ( $this->is_protection_applicable() && isset( $roles['administrator'] ) ) {
unset( $roles['administrator'] );
}
return $roles;
}
// end of exclude_admin_role()
/**
* Check if user has "Administrator" role assigned
*
* @global wpdb $wpdb
* @param int $user_id
* @return boolean returns true is user has Role "Administrator"
*/
private function has_administrator_role($user_id) {
global $wpdb;
if (empty($user_id) || !is_numeric($user_id)) {
return false;
}
$meta_key = $wpdb->prefix .'capabilities';
$query = $wpdb->prepare(
"SELECT count(*)
FROM {$wpdb->usermeta}
WHERE user_id=%d AND meta_key=%s AND meta_value LIKE %s",
array($user_id, $meta_key, '%"administrator"%') );
$has_admin_role = $wpdb->get_var( $query );
if ($has_admin_role > 0) {
$result = true;
} else {
$result = false;
}
// cache checking result for the future use
$this->user_to_check[$user_id] = $result;
return $result;
}
// end of has_administrator_role()
/**
* We have two vulnerable queries with user id at admin interface, which should be processed
* 1st: http://blogdomain.com/wp-admin/user-edit.php?user_id=ID&wp_http_referer=%2Fwp-admin%2Fusers.php
* 2nd: http://blogdomain.com/wp-admin/users.php?action=delete&user=ID&_wpnonce=ab34225a78
* If put Administrator user ID into such request, user with lower capabilities (if he has 'edit_users')
* can edit, delete admin record
* This function removes 'edit_users' or 'delete_users' or 'remove_users' capability from current user capabilities,
* if request sent against a user with 'administrator' role
*
* @param array $allcaps
* @param type $caps
* @param string $name
* @return array
*/
public function not_edit_admin($allcaps, $caps, $name) {
if (is_array($caps) & count($caps)>0) {
// 1st element of this array not always has index 0. Use workaround to extract it.
$caps_v = array_values($caps);
$cap = $caps_v[0];
} else {
$cap = $caps;
}
$checked_caps = array('edit_users', 'delete_users', 'remove_users');
if (!in_array($cap, $checked_caps)) {
return $allcaps;
}
$user_keys = array('user_id', 'user');
foreach ($user_keys as $user_key) {
$access_deny = false;
$user_id = (int) $this->lib->get_request_var($user_key, 'get', 'int');
if (empty($user_id)) { // check the next key
continue;
}
if ($user_id == 1) { // built-in WordPress Admin
$access_deny = true;
} else {
if (!isset($this->user_to_check[$user_id])) {
// check if user_id has Administrator role
$access_deny = $this->has_administrator_role($user_id);
} else {
// user_id was checked already, get result from cash
$access_deny = $this->user_to_check[$user_id];
}
}
if ($access_deny && isset($allcaps[$cap])) {
unset($allcaps[$cap]);
}
break;
}
return $allcaps;
}
// end of not_edit_admin()
/**
* add where criteria to exclude users with 'Administrator' role from users list
*
* @global wpdb $wpdb
* @param type $user_query
*/
public function exclude_administrators($user_query) {
global $wpdb;
if (!$this->is_protection_applicable()) { // block the user edit stuff only
return;
}
// get user_id of users with 'Administrator' role
$current_user_id = get_current_user_id();
$meta_key = $wpdb->prefix . 'capabilities';
$query = $wpdb->prepare(
"SELECT user_id
FROM {$wpdb->usermeta}
WHERE user_id!=%d AND meta_key=%s AND meta_value like %s",
array($current_user_id, $meta_key, '%"administrator"%'));
$ids_arr = $wpdb->get_col( $query );
if (is_array($ids_arr) && count($ids_arr) > 0) {
$ids = implode(',', $ids_arr);
$user_query->query_where .= " AND ( $wpdb->users.ID NOT IN ( $ids ) )";
}
}
// end of exclude_administrators()
private function extract_view_quantity($text) {
$match = array();
$result = preg_match('#\((.*?)\)#', $text, $match);
if ($result) {
$quantity = $match[1];
} else {
$quantity = 0;
}
return $quantity;
}
// end of extract_view_quantity()
private function extract_int($str_val) {
$str_val1 = str_replace(',', '', $str_val); // remove ',' from numbers like '2,015'
$int_val = (int) preg_replace('/[^\-\d]*(\-?\d*).*/','$1', $str_val1); // extract numeric value strings like from '2015 bla-bla'
return $int_val;
}
// end of extract_int()
/*
* Exclude view of users with Administrator role
*
*/
public function exclude_admins_view($views) {
if (!isset($views['administrator'])) {
return $views;
}
if (isset($views['all'])) {
// Decrease quant of all users for a quant of hidden admins
$admins_orig_s = $this->extract_view_quantity($views['administrator']);
$admins_int = $this->extract_int($admins_orig_s);
$all_orig_s = $this->extract_view_quantity($views['all']);
$all_orig_int = $this->extract_int($all_orig_s);
$all_new_int = $all_orig_int - $admins_int;
$all_new_s = number_format_i18n($all_new_int);
$views['all'] = str_replace($all_orig_s, $all_new_s, $views['all']);
}
unset($views['administrator']);
return $views;
}
// end of exclude_admins_view()
}
// end of URE_Protect_Admin class

144
wp/wp-content/plugins/user-role-editor/includes/classes/role-additional-options.php Normal file
View File

@@ -0,0 +1,144 @@
<?php
class URE_Role_Additional_Options {
private static $instance = null;
private $lib = null;
private $items = null;
private $active_items = null;
const STORAGE_ID = 'ure_role_additional_options_values';
private function __construct($lib) {
$this->lib = $lib;
$this->init();
}
// end of __construct()
public static function get_instance($lib) {
if (self::$instance===null) {
self::$instance = new URE_Role_Additional_Options($lib);
}
return self::$instance;
}
// end of get_instance()
public static function create_item($id, $label, $hook, $routine) {
$item = new stdClass();
$item->id = $id;
$item->label = $label;
$item->hook = $hook;
$item->routine = $routine;
return $item;
}
// end of create_item()
public static function get_active_items() {
$data = get_option(self::STORAGE_ID, array());
return $data;
}
private function init() {
$this->items = array();
$item = self::create_item('hide_admin_bar', esc_html__('Hide admin bar', 'user-role-editor'), 'init', 'ure_hide_admin_bar');
$this->items[$item->id] = $item;
// Allow other developers to modify the list of role's additonal options
$this->items = apply_filters('ure_role_additional_options', $this->items);
$this->active_items = self::get_active_items();
}
// end of init()
public function set_active_items_hooks() {
$current_user = wp_get_current_user();
foreach($current_user->roles as $role) {
if (!isset($this->active_items[$role])) {
continue;
}
foreach(array_keys($this->active_items[$role]) as $item_id) {
if (isset($this->items[$item_id])) {
add_action($this->items[$item_id]->hook, $this->items[$item_id]->routine, 99);
}
}
}
}
// end of set_active_items_hooks()
public function save($current_role) {
$wp_roles = wp_roles();
$this->active_items = self::get_active_items();
// remove non-existing roles
foreach(array_keys($this->active_items) as $role_id) {
if (!isset($wp_roles->roles[$role_id])) {
unset($this->active_items[$role_id]);
}
}
// Save additonal options section for the current role
$this->active_items[$current_role] = array();
foreach( $this->items as $item ) {
if ( isset( $_POST['values'][$item->id] ) ) {
$this->active_items[$current_role][$item->id] = 1;
}
}
update_option( self::STORAGE_ID, $this->active_items );
}
// end of save()
public function show($current_role) {
?>
<hr />
<?php echo esc_html__('Additional Options', 'user-role-editor');?>:
<table id="additional_options" class="form-table" style="clear:none;" cellpadding="0" cellspacing="0">
<tr>
<td>
<?php
$first_time = true;
foreach($this->items as $item) {
$checked = (isset($this->active_items[$current_role]) &&
isset($this->active_items[$current_role][$item->id])) ? 'checked="checked"' : '';
if (!$first_time) {
?>
<br/>
<?php
}
?>
<input type="checkbox" name="<?php echo $item->id;?>" id="<?php echo $item->id;?>" value="<?php echo $item->id;?>" <?php echo $checked;?> >
<label for="<?php echo $item->id;?>"><?php echo $item->label;?></label>
<?php
$first_time = false;
}
?>
</td>
<td></td>
</tr>
</table>
<?php
}
// end of show()
}
// end of URE_Role_Additional_Options class

418
wp/wp-content/plugins/user-role-editor/includes/classes/role-view.php Normal file
View File

@@ -0,0 +1,418 @@
<?php
/**
* Role capabilities View class to output HTML with role capabilities
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulya <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2016, Vladimir Garagulya
**/
class URE_Role_View extends URE_View {
public $role_default_html = '';
private $role_to_copy_html = '';
private $role_select_html = '';
private $role_delete_html = '';
private $caps_to_remove = null;
public function __construct() {
parent::__construct();
$capabilities = URE_Capabilities::get_instance();
$this->caps_to_remove = $capabilities->get_caps_to_remove();
}
// end of __construct()
public function role_default_prepare_html($select_width=200) {
$roles = $this->lib->get_editable_user_roles();
$caps_access_restrict_for_simple_admin = $this->lib->get_option('caps_access_restrict_for_simple_admin', 0);
$show_admin_role = $this->lib->show_admin_role_allowed();
if ($select_width>0) {
$select_style = 'style="width: '. $select_width .'px"';
} else {
$select_style = '';
}
$wp_default_role = get_option( 'default_role' );
$this->role_default_html = '<select id="default_user_role" name="default_user_role" '. $select_style .'>';
foreach ($roles as $key => $value) {
$selected = selected($key, $wp_default_role, false);
$disabled = ($key==='administrator' && $caps_access_restrict_for_simple_admin && !$this->lib->is_super_admin()) ? 'disabled' : '';
if ($show_admin_role || $key != 'administrator') {
$this->role_default_html .= '<option value="' . $key . '" ' . $selected .' '. $disabled .'>'. $value['name'] .' (' . $key . ')</option>';
}
}
$this->role_default_html .= '</select>';
}
// end of role_default_prepare_html()
private function role_select_copy_prepare_html( $select_width=200 ) {
$current_user = wp_get_current_user();
$key_capability = URE_Own_Capabilities::get_key_capability();
$user_is_ure_admin = current_user_can( $key_capability );
$role_to_skip = ( $user_is_ure_admin ) ? '' : $current_user->roles[0];
$caps_access_restrict_for_simple_admin = $this->lib->get_option( 'caps_access_restrict_for_simple_admin', 0 );
$show_admin_role = $this->lib->show_admin_role_allowed();
$this->role_to_copy_html = '<select id="user_role_copy_from" name="user_role_copy_from" style="width: '. $select_width .'px">
<option value="none" selected="selected">' . esc_html__('None', 'user-role-editor') . '</option>';
$this->role_select_html = '<select id="user_role" name="user_role" onchange="ure_main.role_change( this.value );">';
$current_role = $this->editor->get( 'current_role' );
$all_roles = $this->editor->get( 'roles' );
$roles = $this->lib->get_editable_user_roles( $all_roles );
foreach ($roles as $key => $value) {
if ( $key===$role_to_skip ) { // skip role of current user if he does not have full access to URE
continue;
}
$selected1 = selected( $key, $current_role, false );
$disabled = ( $key==='administrator' && $caps_access_restrict_for_simple_admin && !$this->lib->is_super_admin()) ? 'disabled' : '';
if ( $show_admin_role || $key != 'administrator' ) {
$role_name = $value['name'] .' (' . $key . ')';
$this->role_select_html .= '<option value="' . $key . '" ' . $selected1 .' '. $disabled .'>' . $role_name . '</option>';
$this->role_to_copy_html .= '<option value="' . $key .'" '. $disabled .'>' . $role_name . '</option>';
}
}
$this->role_select_html .= '</select>';
$this->role_to_copy_html .= '</select>';
}
// end of role_select_copy_prepare_html()
private function role_delete_prepare_html() {
$roles_can_delete = $this->editor->get_roles_can_delete();
if ( is_array( $roles_can_delete ) && count( $roles_can_delete ) > 0) {
ksort( $roles_can_delete );
$this->role_delete_html = '<select id="del_user_role" name="del_user_role" width="250" style="width: 250px">';
foreach ($roles_can_delete as $key => $value) {
$this->role_delete_html .= '<option value="' . $key . '">' . esc_html__($value, 'user-role-editor') . '</option>';
}
$this->role_delete_html .= '<option value="-1" style="color: red;">' . esc_html__('Delete All Unused Roles', 'user-role-editor') . '</option>';
$this->role_delete_html .= '</select>';
} else {
$this->role_delete_html = '';
}
}
// end of role_delete_prepare_html()
/**
* Build HTML for select drop-down list from capabilities we can remove
*
* @return string
**/
public static function caps_to_remove_html() {
global $wp_roles;
$capabilities = URE_Capabilities::get_instance();
$caps_to_remove = $capabilities->get_caps_to_remove();
if ( empty( $caps_to_remove ) || !is_array( $caps_to_remove ) && count( $caps_to_remove )===0 ) {
return '';
}
$caps = array_keys($caps_to_remove);
asort($caps);
$network_admin = filter_input(INPUT_POST, 'network_admin', FILTER_SANITIZE_NUMBER_INT);
$current_role = isset( $_POST['current_role'] ) ? URE_Base_Lib::filter_string_var( $_POST['current_role'] ) : '';
if (!isset($wp_roles->roles[$current_role])) {
$current_role = '';
}
ob_start();
?>
<form name="ure_remove_caps_form" id="ure_remove_caps_form" method="POST"
action="<?php echo admin_url() . ($network_admin ? 'network/':'') . URE_PARENT .'?page=users-'.URE_PLUGIN_FILE;?>" >
<table id="ure_remove_caps_table">
<tr>
<th>
<input type="checkbox" id="ure_remove_caps_select_all">
</th>
<th></th>
</tr>
<?php
foreach($caps as $cap_id) {
$cap_id_esc = 'rm_'.URE_Capability::escape($cap_id);
?>
<tr>
<td>
<input type="checkbox" name="<?php echo $cap_id_esc;?>" id="<?php echo $cap_id_esc;?>" class="ure-cb-column"
value="<?php echo $cap_id;?>"/>
</td>
<td>
<label for="<?php echo $cap_id_esc;?>"><?php echo $cap_id; ?></label>
</td>
</tr>
<?php
} // foreach($caps...)
?>
</table>
<input type="hidden" name="action" id="action" value="delete-user-capability" />
<input type="hidden" name="user_role" id="ure_role" value="<?php echo $current_role;?>" />
<?php wp_nonce_field('user-role-editor', 'ure_nonce'); ?>
</form>
<?php
$html = ob_get_contents();
ob_end_clean();
return $html;
}
// end of caps_to_remove_html()
public function role_edit_prepare_html( $select_width=200 ) {
$this->role_select_copy_prepare_html( $select_width );
$multisite = $this->lib->get( 'multisite' );
if ( $multisite && !is_network_admin() ) {
$this->role_default_prepare_html( $select_width );
}
$this->role_delete_prepare_html();
}
// end of role_edit_prepare_html()
public function display_edit_dialogs() {
$multisite = $this->lib->get('multisite');
$current_role = $this->editor->get('current_role');
$current_role_name = $this->editor->get('current_role_name');
?>
<script language="javascript" type="text/javascript">
var ure_current_role = '<?php echo $current_role; ?>';
var ure_current_role_name = "<?php echo $current_role_name; ?>";
</script>
<!-- popup dialogs markup -->
<div id="ure_add_role_dialog" class="ure-modal-dialog" style="padding: 10px;">
<form id="ure_add_role_form" name="ure_add_role_form" method="POST">
<div class="ure-label"><?php esc_html_e('Role name (ID): ', 'user-role-editor'); ?></div>
<div class="ure-input"><input type="text" name="user_role_id" id="user_role_id" size="25"/></div>
<div class="ure-label"><?php esc_html_e('Display Role Name: ', 'user-role-editor'); ?></div>
<div class="ure-input"><input type="text" name="user_role_name" id="user_role_name" size="25"/></div>
<div class="ure-label"><?php esc_html_e('Make copy of: ', 'user-role-editor'); ?></div>
<div class="ure-input"><?php echo $this->role_to_copy_html; ?></div>
</form>
</div>
<div id="ure_rename_role_dialog" class="ure-modal-dialog" style="padding: 10px;">
<form id="ure_rename_role_form" name="ure_rename_role_form" method="POST">
<div class="ure-label"><?php esc_html_e('Role name (ID): ', 'user-role-editor'); ?></div>
<div class="ure-input"><input type="text" name="ren_user_role_id" id="ren_user_role_id" size="25" disabled /></div>
<div class="ure-label"><?php esc_html_e('Display Role Name: ', 'user-role-editor'); ?></div>
<div class="ure-input"><input type="text" name="ren_user_role_name" id="ren_user_role_name" size="25"/></div>
</form>
</div>
<div id="ure_delete_role_dialog" class="ure-modal-dialog">
<div style="padding:10px;">
<div class="ure-label"><?php esc_html_e('Select Role:', 'user-role-editor');?></div>
<div class="ure-input"><?php echo $this->role_delete_html; ?></div>
</div>
</div>
<?php
if ($multisite && !is_network_admin()) {
?>
<div id="ure_default_role_dialog" class="ure-modal-dialog">
<div style="padding:10px;">
<?php echo $this->role_default_html; ?>
</div>
</div>
<?php
}
?>
<div id="ure_delete_capability_dialog" class="ure-modal-dialog">
<div style="padding:10px;">
<div class="ure-input"></div>
</div>
</div>
<div id="ure_add_capability_dialog" class="ure-modal-dialog">
<div style="padding:10px;">
<div class="ure-label"><?php esc_html_e('Capability name (ID): ', 'user-role-editor'); ?></div>
<div class="ure-input"><input type="text" name="capability_id" id="capability_id" size="25"/></div>
</div>
</div>
<?php
URE_View::output_task_status_div();
}
// end of output_role_edit_dialogs()
/**
* output HTML code to create URE toolbar
*
* @param string $this->current_role
* @param boolean $role_delete
* @param boolean $capability_remove
*/
public function toolbar() {
$caps_access_restrict_for_simple_admin = $this->lib->get_option('caps_access_restrict_for_simple_admin', 0);
if ($caps_access_restrict_for_simple_admin) {
$add_del_role_for_simple_admin = $this->lib->get_option('add_del_role_for_simple_admin', 1);
} else {
$add_del_role_for_simple_admin = 1;
}
$super_admin = $this->lib->is_super_admin();
$multisite = $this->lib->get('multisite');
?>
<div id="ure_toolbar" >
<div id="ure_update">
<button id="ure_update_role" class="ure_toolbar_button button-primary" >Update</button>
<?php
do_action('ure_role_edit_toolbar_update');
?>
</div>
<?php
if (!$multisite || $super_admin || $add_del_role_for_simple_admin) { // restrict single site admin
?>
<hr />
<?php
if (current_user_can('ure_create_roles')) {
?>
<button id="ure_add_role" class="ure_toolbar_button">Add Role</button>
<?php
}
?>
<button id="ure_rename_role" class="ure_toolbar_button">Rename Role</button>
<?php
} // restrict single site admin
if (!$multisite || $super_admin || !$caps_access_restrict_for_simple_admin) { // restrict single site admin
if (current_user_can('ure_create_capabilities')) {
?>
<button id="ure_add_capability" class="ure_toolbar_button">Add Capability</button>
<?php
}
} // restrict single site admin
if (!$multisite || $super_admin || $add_del_role_for_simple_admin) { // restrict single site admin
if (!empty($this->role_delete_html) && current_user_can('ure_delete_roles')) {
?>
<button id="ure_delete_role" class="ure_toolbar_button">Delete Role</button>
<?php
}
} // restrict single site admin
if (!$multisite || $super_admin || !$caps_access_restrict_for_simple_admin) { // restrict single site admin
if (!empty($this->caps_to_remove) && is_array($this->caps_to_remove) && count($this->caps_to_remove)>0 &&
current_user_can('ure_delete_capabilities')) {
?>
<button id="ure_delete_capability" class="ure_toolbar_button">Delete Capability</button>
<?php
}
if ($multisite && !is_network_admin()) { // Show for single site for WP multisite only
?>
<hr />
<button id="ure_default_role" class="ure_toolbar_button">Default Role</button>
<hr />
<?php
}
?>
<div id="ure_service_tools">
<?php
do_action('ure_role_edit_toolbar_service');
?>
</div>
<?php
} // restrict single site admin
?>
</div>
<?php
}
// end of toolbar()
private function display_options() {
$multisite = $this->lib->get('multisite');
$active_for_network = $this->lib->get('active_for_network');
?>
<div id="ure_editor_options">
<?php
$caps_readable = $this->editor->get('caps_readable');
if ($caps_readable) {
$checked = 'checked="checked"';
} else {
$checked = '';
}
$caps_access_restrict_for_simple_admin = $this->lib->get_option('caps_access_restrict_for_simple_admin', 0);
if ($this->lib->is_super_admin() || !$multisite || !$this->lib->is_pro() || !$caps_access_restrict_for_simple_admin) {
?>
<input type="checkbox" name="ure_caps_readable" id="ure_caps_readable" value="1" <?php echo $checked; ?> onclick="ure_main.turn_caps_readable();"/>
<label for="ure_caps_readable"><?php esc_html_e('Show capabilities in human readable form', 'user-role-editor'); ?></label>&nbsp;&nbsp;
<?php
$show_deprecated_caps = $this->editor->get('show_deprecated_caps');
if ($show_deprecated_caps) {
$checked = 'checked="checked"';
} else {
$checked = '';
}
?>
<input type="checkbox" name="ure_show_deprecated_caps" id="ure_show_deprecated_caps" value="1" <?php echo $checked; ?> onclick="ure_turn_deprecated_caps(0);"/>
<label for="ure_show_deprecated_caps"><?php esc_html_e('Show deprecated capabilities', 'user-role-editor'); ?></label>
<?php
}
if ($multisite && $active_for_network && !is_network_admin() && is_main_site(get_current_blog_id()) && $this->lib->is_super_admin()) {
$hint = esc_html__('If checked, then apply action to ALL sites of this Network');
$apply_to_all = $this->editor->get('apply_to_all');
if ($apply_to_all) {
$checked = 'checked="checked"';
$fontColor = 'color:#FF0000;';
} else {
$checked = '';
$fontColor = '';
}
?>
<div style="float: right; margin-left:10px; margin-right: 20px; <?php echo $fontColor; ?>" id="ure_apply_to_all_div">
<input type="checkbox" name="ure_apply_to_all" id="ure_apply_to_all" value="1"
<?php echo $checked; ?> title="<?php echo $hint; ?>" onclick="ure_main.apply_to_all_on_click(this)"/>
<label for="ure_apply_to_all" title="<?php echo $hint; ?>"><?php esc_html_e('Apply to All Sites', 'user-role-editor'); ?></label>
</div>
<?php
}
?>
</div>
<hr>
<?php
}
// end of display_options()
public function display() {
?>
<div class="postbox" style="min-width:800px;width:100%">
<div id="ure_role_selector">
<span id="ure_role_select_label"><?php esc_html_e('Select Role and change its capabilities:', 'user-role-editor'); ?></span> <?php echo $this->role_select_html; ?>
</div>
<div class="inside">
<?php
$this->display_options();
$this->display_caps();
$ao = $this->editor->get('role_additional_options');
$current_role = $this->editor->get('current_role');
$ao->show($current_role);
?>
<input type="hidden" name="object" value="role" />
</div>
</div>
<?php
}
// end of display()
}
// end of class URE_Role_View

124
wp/wp-content/plugins/user-role-editor/includes/classes/screen-help.php Normal file
View File

@@ -0,0 +1,124 @@
<?php
/*
* User Role Editor Settings page on Screen Help class
*
*/
class URE_Screen_Help {
protected function get_general_tab() {
$text = '<h2>'. esc_html__('User Role Editor Options page help', 'user-role-editor') .'</h2>
<p>
<ul>
<li><strong>' . esc_html__('Show Administrator role at User Role Editor', 'user-role-editor').'</strong> - ' .
esc_html__('turn this option on in order to make the "Administrator" role available at the User Role Editor '
. 'roles selection drop-down list. It is hidden by default for security reasons.','user-role-editor') . '</li>
<li><strong>' . esc_html__('Show capabilities in the human readable form','user-role-editor').'</strong> - ' .
esc_html__('automatically converts capability names from the technical form for internal use like '
. '"edit_others_posts" to more user friendly form, e.g. "Edit others posts".','user-role-editor') . '</li>
<li><strong>' . esc_html__('Show deprecated capabilities','user-role-editor').'</strong> - '.
esc_html__('Capabilities like "level_0", "level_1" are deprecated and are not used by WordPress. '
. 'They are left at the user roles for the compatibility purpose with old themes and plugins code. '
. 'Turning on this option will show those deprecated capabilities.', 'user-role-editor') . '</li>
<li><strong>' . esc_html__('Confirm role update','user-role-editor').'</strong> - ' .
esc_html__('Show confirmation dialog before save changes made to a current role.') . '</li>
<li><strong>' . esc_html__('Edit user capabilities','user-role-editor').'</strong> - '.
esc_html__('If turned off - capabilities section of selected user is shown in readonly mode. '
. 'Administrator can not assign capabilities to the user directly. '
. 'He should do it using roles only.', 'user-role-editor') . '</li>';
$text = apply_filters('ure_get_settings_general_tab_help', $text);
$text .='
</ul>
</p>';
return $text;
}
// end of get_general_tab()
protected function get_additional_modules_tab() {
$text = '<h2>'. esc_html__('User Role Editor Options page help', 'user-role-editor') .'</h2>
<p>
<ul>';
if (!is_multisite()) {
$text .= '<li><strong>' . esc_html__('Count users without role', 'user-role-editor').'</strong> - ' .
esc_html__('Show at the "Users" page a quant of users without role. Module allows to assign all of them '.
'an empty role "No rights", in order to look on the users list with role "No rights" at the separate tab then.','user-role-editor') . '</li>';
}
$text = apply_filters('ure_get_settings_additional_modules_tab_help', $text);
$text .='
</ul>
</p>';
return $text;
}
// end of get_additional_modules_tab()
protected function get_default_roles_tab() {
$text = '<h2>'. esc_html__('User Role Editor Options page help', 'user-role-editor') .'</h2>
<p>
<ul>
<li><strong>' . esc_html__('Other default roles for new registered user', 'user-role-editor').'</strong> - ' .
esc_html__('select roles below to assign them to the new user automatically as an addition to the primary role. '.
'Note for multisite environment: take into account that other default roles should exist at the site, '.
'in order to be assigned to the new registered users.','user-role-editor') . '</li>';
$text = apply_filters('ure_get_settings_default_roles_tab_help', $text);
$text .='
</ul>
</p>';
return $text;
}
// end of get_default_roles_tab()
protected function get_multisite_tab() {
$text = '<h2>'. esc_html__( 'User Role Editor Options page help', 'user-role-editor' ) .'</h2>
<p>
<ul>
<li><strong>' . esc_html__( 'Allow non super-administrators to create, edit and delete users', 'user-role-editor' ).'</strong> - '.
esc_html__( 'Super administrator only may create, edit and delete users under WordPress multi-site by default. '.
'Turn this option on in order to remove this limitation.','user-role-editor' ) .'</li>';
$text = apply_filters('ure_get_settings_multisite_tab_help', $text);
$text .='
</ul>
</p>';
return $text;
}
// end of get_multisite_tab()
public function get_settings_help($tab_name) {
switch ($tab_name) {
case 'general':{
$text = $this->get_general_tab();
break;
}
case 'additional_modules':{
$text = $this->get_additional_modules_tab();
break;
}
case 'default_roles':{
$text = $this->get_default_roles_tab();
break;
}
case 'multisite':{
$text = $this->get_multisite_tab();
break;
}
default:
}
return $text;
}
// end of get_settings_help()
}
// end of URE_Screen_Help

270
wp/wp-content/plugins/user-role-editor/includes/classes/settings.php Normal file
View File

@@ -0,0 +1,270 @@
<?php
/**
* Settings manager
*
* Project: User Role Editor WordPress plugin
*
* Author: Vladimir Garagulya
* email: support@role-editor.com
*
**/
class URE_Settings {
protected static function get_action() {
$action = 'show';
$update_buttons = array(
'ure_settings_update',
'ure_addons_settings_update',
'ure_settings_ms_update',
'ure_default_roles_update',
'ure_settings_tools_exec');
foreach($update_buttons as $update_button) {
if (!isset($_POST[$update_button])) {
continue;
}
if (!wp_verify_nonce($_POST['_wpnonce'], 'user-role-editor')) {
wp_die('Security check failed');
}
$action = $update_button;
break;
}
return $action;
}
// end of get_settings_action()
/**
* Update General Options tab
*/
protected static function update_general_options() {
$lib = URE_Lib::get_instance();
if (defined('URE_SHOW_ADMIN_ROLE') && (URE_SHOW_ADMIN_ROLE == 1)) {
$show_admin_role = 1;
} else {
$show_admin_role = $lib->get_request_var('show_admin_role', 'post', 'checkbox');
}
$lib->put_option('show_admin_role', $show_admin_role);
$caps_readable = $lib->get_request_var('caps_readable', 'post', 'checkbox');
$lib->put_option('ure_caps_readable', $caps_readable);
$show_deprecated_caps = $lib->get_request_var('show_deprecated_caps', 'post', 'checkbox');
$lib->put_option('ure_show_deprecated_caps', $show_deprecated_caps);
$confirm_role_update = $lib->get_request_var('confirm_role_update', 'post', 'checkbox');
$lib->put_option('ure_confirm_role_update', $confirm_role_update);
$edit_user_caps = $lib->get_request_var('edit_user_caps', 'post', 'checkbox');
$lib->put_option('edit_user_caps', $edit_user_caps);
$caps_columns_quant = (int) $lib->get_request_var('caps_columns_quant', 'post', 'int');
$lib->put_option('caps_columns_quant', $caps_columns_quant);
do_action('ure_settings_update1');
$lib->flush_options();
$lib->show_message(esc_html__('User Role Editor options are updated', 'user-role-editor'));
}
// end of update_general_options()
/**
* Update Additional Modules Options tab
*/
protected static function update_addons_options() {
$lib = URE_Lib::get_instance();
$multisite = $lib->get('multisite');
if (!$multisite) {
$count_users_without_role = $lib->get_request_var('count_users_without_role', 'post', 'checkbox');
$lib->put_option('count_users_without_role', $count_users_without_role);
}
do_action('ure_settings_update2');
$lib->flush_options();
$lib->show_message(esc_html__('User Role Editor options are updated', 'user-role-editor'));
}
// end of update_addons_options()
protected static function update_default_roles() {
global $wp_roles;
$lib = URE_Lib::get_instance();
// Primary default role
$primary_default_role = $lib->get_request_var('default_user_role', 'post');
if (!empty($primary_default_role) && isset($wp_roles->role_objects[$primary_default_role]) && $primary_default_role !== 'administrator') {
update_option('default_role', $primary_default_role);
}
// Other default roles
$other_default_roles = array();
foreach($_POST as $key=>$value) {
$prefix = substr($key, 0, 8);
if ($prefix!=='wp_role_') {
continue;
}
$role_id = substr($key, 8);
if ($role_id!=='administrator' && isset($wp_roles->role_objects[$role_id])) {
$other_default_roles[] = $role_id;
}
} // foreach()
$lib->put_option('other_default_roles', $other_default_roles, true);
$lib->show_message(esc_html__('Default Roles are updated', 'user-role-editor'));
}
// end of update_default_roles()
protected static function update_multisite_options() {
$lib = URE_Lib::get_instance();
$multisite = $lib->get('multisite');
if (!$multisite) {
return;
}
$allow_edit_users_to_not_super_admin = $lib->get_request_var('allow_edit_users_to_not_super_admin', 'post', 'checkbox');
$lib->put_option('allow_edit_users_to_not_super_admin', $allow_edit_users_to_not_super_admin);
do_action('ure_settings_ms_update');
$lib->flush_options();
$lib->show_message(esc_html__('User Role Editor options are updated', 'user-role-editor'));
}
// end of update_multisite_options()
protected static function tools_exec() {
$lib = URE_Lib::get_instance();
$roles_reset = $lib->get_request_var( 'ure_reset_roles_exec', 'post', 'int');
if ( $roles_reset==1 ) {
URE_Tools::reset_roles();
} else {
do_action( 'ure_settings_tools_exec' );
}
}
//end of tools_exec()
private static function controller() {
$action = self::get_action();
switch ($action) {
case 'ure_settings_update':
self::update_general_options();
break;
case 'ure_addons_settings_update':
self::update_addons_options();
break;
case 'ure_settings_ms_update':
self::update_multisite_options();
break;
case 'ure_default_roles_update':
self::update_default_roles();
break;
case 'ure_settings_tools_exec':
self::tools_exec();
break;
case 'show':
default:
;
} // switch()
}
// end of controller()
public static function show_other_default_roles() {
$lib = URE_Lib::get_instance();
$other_default_roles = $lib->get_option('other_default_roles', array());
$roles = $lib->get_editable_user_roles();
$wp_default_role = get_option('default_role');
foreach ($roles as $role_id => $role) {
if ( $role_id=='administrator' || $role_id==$wp_default_role ) {
continue;
}
if ( in_array( $role_id, $other_default_roles ) ) {
$checked = 'checked="checked"';
} else {
$checked = '';
}
echo '<label for="wp_role_' . $role_id .'"><input type="checkbox" id="wp_role_' . $role_id .
'" name="wp_role_' . $role_id . '" value="' . $role_id . '"' . $checked .' />&nbsp;' .
$role['name'] . '</label><br />';
}
}
// end of show_other_default_roles()
public static function get_settings_link() {
$lib = URE_Lib::get_instance();
$multisite = $lib->get('multisite');
if ($multisite && is_network_admin()) {
$link = 'settings.php';
} else {
$link = 'options-general.php';
}
return $link;
}
// end of get_settings_link();
public static function show() {
$lib = URE_Lib::get_instance();
self::controller();
if (defined('URE_SHOW_ADMIN_ROLE') && (URE_SHOW_ADMIN_ROLE == 1)) {
$show_admin_role = 1;
} else {
$show_admin_role = $lib->get_option('show_admin_role', 0);
}
$caps_readable = $lib->get_option('ure_caps_readable', 0);
$show_deprecated_caps = $lib->get_option('ure_show_deprecated_caps', 0);
$confirm_role_update = $lib->get_option('ure_confirm_role_update', 1);
$edit_user_caps = $lib->get_option('edit_user_caps', 1);
$caps_columns_quant = $lib->get_option('caps_columns_quant', 1);
$multisite = $lib->get('multisite');
if ($multisite) {
$allow_edit_users_to_not_super_admin = $lib->get_option('allow_edit_users_to_not_super_admin', 0);
} else {
$count_users_without_role = $lib->get_option('count_users_without_role', 0);
}
$view = new URE_Role_View();
$view->role_default_prepare_html(0);
$ure_tab_idx = (int) $lib->get_request_var('ure_tab_idx', 'post', 'int');
do_action('ure_settings_load');
$link = self::get_settings_link();
$active_for_network = $lib->get('active_for_network');
$license_key_only = $multisite && is_network_admin() && !$active_for_network;
require_once(URE_PLUGIN_DIR . 'includes/settings-template.php');
}
// end of show()
}
// end of URE_Settings class

148
wp/wp-content/plugins/user-role-editor/includes/classes/task-queue.php Normal file
View File

@@ -0,0 +1,148 @@
<?php
/*
* User Role Editor Pro WordPress plugin
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://www.role-editor.com
* License: GPL v3
*
*/
/*
* User Role Editor's internal tasks queue
* Usage: on URE plugin activation URE adds 'on_activation' task to this queue, which fires 'ure_on_activation' action
* on the next WordPress call. It's useful when some action is needed unavailable at standard plugin activation point,
* like 'admin_menu', which is used for the admin menu access data conversion - class URE_Admin_Menu_Hashes.
* Class User_Role_Editor_Pro adds execute_once method for the 'ure_on_activation' action, where
* URE_Admin_Menu_Hashes::require_data_conversion(); method is called which registers tasks for data coversion, including
* individual tasks for every site of the multisite network
*
*/
class URE_Task_Queue {
private static $instance = null; // object exemplar reference according to singleton patern
const OPTION_NAME = 'ure_tasks_queue';
private $queue = null;
public static function get_instance() {
if (self::$instance===null) {
self::$instance = new URE_Task_Queue();
}
return self::$instance;
}
// end of get_instance()
protected function __construct() {
$this->init();
}
// end of __construct()
private function init() {
$this->queue = get_option(self::OPTION_NAME, array());
}
// end of init()
public function reinit() {
$this->init();
}
// end of reinit()
/**
*
* @param string $task_id
* @param array $args=array('action'=>'action_name', 'routine'=>'routine_name', 'priority'=>99)
*/
public function add($task_id, $args=array()) {
$this->queue[$task_id] = $args;
update_option(self::OPTION_NAME, $this->queue);
}
// end of add_task()
public function remove($task_id) {
if (isset($this->queue[$task_id])) {
unset($this->queue[$task_id]);
update_option(self::OPTION_NAME, $this->queue);
}
}
// end of remove_task()
/**
* Returns true in case a queue is empty
*
* @return boolean
*/
public function is_empty() {
return count($this->queue)==0;
}
// end of is_empty()
/**
* Consumers should add there tasks with add_method and add 'ure_fulfil_task' action routine to work on it.
* Do not forget remove task after it was fulfilled.
*
* @return void
*/
public function process() {
if ($this->is_empty()) {
return;
}
foreach($this->queue as $task_id=>$task) {
if ($task_id=='on_activation') {
do_action('ure_on_activation');
$this->remove('on_activation'); // remove this task after execution if it was defined
} elseif (!empty($task['action'])) {
$priority = empty($task['priority']) ? 10: $task['priority'];
add_action($task['action'], $task['routine'], $priority);
} else {
add_action('init', $task['routine']);
}
}
}
// end of process();
/**
* Prevent cloning of the instance of the *Singleton* instance.
*
* @return void
*/
public function __clone() {
throw new \Exception('Do not clone a singleton instance.');
}
// end of __clone()
/**
* Prevent unserializing of the *Singleton* instance.
*
* @return void
*/
public function __wakeup() {
throw new \Exception('Do not unserialize a singleton instance.');
}
// end of __wakeup()
}
// end of class URE_On_Activation

82
wp/wp-content/plugins/user-role-editor/includes/classes/tools.php Normal file
View File

@@ -0,0 +1,82 @@
<?php
class URE_Tools {
const RESET_ROLES_SECURE_TEXT = 'Permanently delete all custom user roles and capabilities';
private static function show_reset_roles( $tab_idx ) {
$lib = URE_Lib::get_instance();
$multisite = $lib->get('multisite');
$link = URE_Settings::get_settings_link();
if (!$multisite || (is_main_site( get_current_blog_id() ) || ( is_network_admin() && $lib->is_super_admin() ) ) ) {
if ( current_user_can( 'ure_reset_roles' ) ) {
?>
<div style="margin: 10px 0 10px 0; border: 1px solid red; padding: 0 10px 10px 10px; text-align:left;">
<form name="ure_reset_roles_form" id="ure_reset_roles_form" method="post" action="<?php echo $link; ?>?page=settings-<?php echo URE_PLUGIN_FILE; ?>" >
<h3>Reset User Roles</h3>
<span style="color: red;"><?php esc_html_e('WARNING!', 'user-role-editor');?></span>&nbsp;
<?php
esc_html_e('Resetting will setup default user roles and capabilities from WordPress core.', 'user-role-editor'); echo '<br>';
esc_html_e('If any plugins (such as WooCommerce, S2Member and many others) have changed user roles and capabilities during installation, those changes will be LOST!', 'user-role-editor'); echo '<br>';
esc_html_e('For more information on how to undo undesired changes and restore plugins capabilities in case you lost them by mistake go to: ', 'user-role-editor');
echo '<a href="http://role-editor.com/how-to-restore-deleted-wordpress-user-roles/">http://role-editor.com/how-to-restore-deleted-wordpress-user-roles/</a>';
if ( $multisite ) {
?>
<br><br>
<input type="checkbox" name="ure_apply_to_all" id="ure_apply_to_all" value="1" />
<label for="ure_apply_to_all"><?php esc_html_e('Apply to All Sites', 'user-role-editor'); ?></label>
(<?php esc_html_e('If checked, then apply action to ALL sites. Main site only is affected in other case.', 'user-role-editor'); ?>)
<?php
}
?>
<br><br>
<input type="text" id="ure_reset_roles_secure" name="ure_reset_roles_secure" value="" placeholder="<?php echo URE_Tools::RESET_ROLES_SECURE_TEXT;?>" style="width:400px;"/>
&lt;- <span style="color: red;"><?php echo URE_Tools::RESET_ROLES_SECURE_TEXT; ?></span>
<br><br>
<button id="ure_reset_roles_button" style="width: 100px; color: red;" title="<?php esc_html_e('Reset Roles to its original state', 'user-role-editor'); ?>" disabled><?php esc_html_e('Reset', 'user-role-editor');?></button>
<?php wp_nonce_field('user-role-editor'); ?>
<input type="hidden" name="ure_settings_tools_exec" value="1" />
<input type="hidden" name="ure_reset_roles_exec" value="1" />
<input type="hidden" name="ure_tab_idx" value="<?php echo $tab_idx; ?>" />
</form>
</div>
<?php
}
}
}
// end of show_reset()
public static function reset_roles() {
$editor = URE_Editor::get_instance();
if ( !$editor->reset_user_roles() ) {
return;
}
$lib = URE_Lib::get_instance();
$lib->put_option( 'other_default_roles', array(), true );
$lib->show_message( esc_html__('Tools: Reset: User Roles were initialized', 'user-role-editor') );
}
// end of reset_roles()
public static function show( $tab_idx ) {
do_action( 'ure_settings_tools_show', $tab_idx );
// Placed here, after all tools which may be added above, as a very rare needed functionality
self::show_reset_roles( $tab_idx );
}
// end of show()
}
// end of URE_Tools

95
wp/wp-content/plugins/user-role-editor/includes/classes/uninstall.php Normal file
View File

@@ -0,0 +1,95 @@
<?php
class URE_Uninstall {
protected $lib = null;
protected $options = null;
protected $own_caps = null;
public function __construct() {
$this->lib = URE_Lib::get_instance();
$this->init_options_list();
$this->own_caps = array_keys( URE_Own_Capabilities::get_caps() );
}
// end of __construct()
protected function init_options_list() {
$this->options = array();
$this->options[] = 'ure_caps_readable';
$this->options[] = 'ure_show_deprecated_caps';
$this->options[] = 'ure_hide_pro_banner';
$this->options[] = 'ure_role_additional_options_values';
$this->options[] = 'ure_task_queue';
$this->options[] = 'user_role_editor';
}
// end fo init_options_list()
private function delete_options() {
global $wpdb;
$backup_option_name = $wpdb->prefix . 'backup_user_roles';
delete_option( $backup_option_name );
foreach ( $this->options as $option_name ) {
delete_option( $option_name );
}
}
// end of delete_options()
private function delete_caps() {
$wp_roles = wp_roles();
if ( $wp_roles->use_db ) {
$wp_roles->use_db = false; // minimize database update requests
$use_db = true;
} else {
$use_db = false;
}
foreach( $wp_roles->roles as $role_id=>$role ) {
foreach( $this->own_caps as $cap ) {
if ( isset( $role['capabilities'][ $cap ]) ) {
$wp_roles->remove_cap( $role_id, $cap );
}
}
}
if ( $use_db ) { // save changes to the database
$wp_roles->add_cap( 'subscriber', 'dummy_cap' );
$wp_roles->use_db = true; // restore original value
$wp_roles->remove_cap( 'subscriber', 'dummy_cap' );
}
}
// end of delete_caps()
public function act() {
global $wpdb;
if ( !is_multisite() ) {
$this->delete_options();
$this->delete_caps();
} else {
$old_blog = $wpdb->blogid;
$blog_ids = $this->lib->get_blog_ids();
foreach ( $blog_ids as $blog_id ) {
switch_to_blog( $blog_id );
$this->delete_options();
$this->delete_caps();
}
$this->lib->restore_after_blog_switching( $old_blog );
}
}
// end of act()
}
// end of class URE_Uninstall

416
wp/wp-content/plugins/user-role-editor/includes/classes/user-other-roles.php Normal file
View File

@@ -0,0 +1,416 @@
<?php
/*
* Project: User Role Editor WordPress plugin
* Class for Assigning to a user multiple roles
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://www.role-editor.com
* License: GPL v2+
*
*/
class URE_User_Other_Roles {
protected $lib = null;
private static $counter = 0;
function __construct() {
$this->lib = URE_Lib::get_instance();
$this->set_hooks();
}
// end of $lib
public function set_hooks() {
add_filter( 'additional_capabilities_display', array($this, 'additional_capabilities_display'), 10, 1);
add_action( 'admin_print_styles-user-edit.php', array($this, 'load_css') );
add_action( 'admin_print_styles-user-new.php', array($this, 'load_css') );
add_action( 'admin_enqueue_scripts', array($this, 'load_js' ) );
add_action( 'edit_user_profile', array($this, 'edit_user_profile_html'), 10, 1 );
add_action( 'user_new_form', array($this, 'user_new_form'), 10, 1 );
add_action( 'profile_update', array($this, 'update'), 10 );
$multisite = $this->lib->get('multisite');
if ($multisite) {
add_action( 'wpmu_activate_user', array($this, 'add_other_roles'), 10, 1 );
add_action( 'added_existing_user', array($this, 'add_other_roles'), 10, 1);
}
add_action( 'user_register', array($this, 'add_other_roles'), 10, 1 );
}
// end of set_hooks()
public function additional_capabilities_display( $display ) {
$show = apply_filters('ure_show_additional_capabilities_section', true);
if ( empty( $show ) ) {
return $display;
}
if ( !current_user_can('promote_users') ) {
return $display; // No permissions to promote users
}
$display = false;
return $display;
}
// end of additional_capabilities_display()
/*
* Load CSS for the user profile edit page
*/
public function load_css() {
$show = apply_filters('ure_show_additional_capabilities_section', true );
if ( empty( $show ) ) {
return;
}
if ( !current_user_can('promote_users') ) {
return; // No permissions to promote users
}
if ( defined('WP_DEBUG') && !empty( WP_DEBUG ) ) {
$file_name = 'multiple-select.css';
} else {
$file_name = 'multiple-select.min.css';
}
wp_enqueue_style('wp-jquery-ui-dialog');
wp_enqueue_style('ure-jquery-multiple-select', plugins_url('/css/'. $file_name, URE_PLUGIN_FULL_PATH ), array(), false, 'screen');
}
// end of load_css()
public function load_js($hook_suffix) {
if ( !in_array( $hook_suffix, array('user-edit.php', 'user-new.php') ) ) {
return;
}
$show = apply_filters('ure_show_additional_capabilities_section', true );
if ( empty( $show ) ) {
return;
}
if ( !current_user_can('promote_users') ) {
return; // No permissions to promote users
}
if ( defined('WP_DEBUG') && !empty( WP_DEBUG ) ) {
$ms_file_name = 'multiple-select.js';
} else {
$ms_file_name = 'multiple-select.min.js';
}
$select_primary_role = apply_filters('ure_users_select_primary_role', true);
wp_enqueue_script('jquery-ui-dialog', '', array('jquery-ui-core', 'jquery-ui-button', 'jquery'), false, true );
wp_register_script('ure-jquery-multiple-select', plugins_url('/js/'. $ms_file_name, URE_PLUGIN_FULL_PATH ), array(), URE_VERSION, true );
wp_enqueue_script('ure-jquery-multiple-select');
wp_register_script('ure-user-profile-other-roles', plugins_url('/js/user-profile-other-roles.js', URE_PLUGIN_FULL_PATH ), array(), URE_VERSION, true );
wp_enqueue_script('ure-user-profile-other-roles');
wp_localize_script('ure-user-profile-other-roles', 'ure_data_user_profile_other_roles', array(
'wp_nonce' => wp_create_nonce('user-role-editor'),
'other_roles' => esc_html__('Other Roles', 'user-role-editor'),
'select_roles' => esc_html__('Select additional roles for this user', 'user-role-editor'),
'select_primary_role' => ($select_primary_role || $this->lib->is_super_admin()) ? 1: 0
));
}
// end of load_js()
/**
* Returns list of user roles, except 1st one, and bbPress assigned as they are shown by WordPress and bbPress themselves.
*
* @param type $user WP_User from wp-includes/capabilities.php
* @return array
*/
public function get_roles_array( $user ) {
if ( !is_array( $user->roles ) || count( $user->roles )<=1 ) {
return array();
}
// get bbPress assigned user role
if ( function_exists( 'bbp_filter_blog_editable_roles' ) ) {
$bb_press_role = bbp_get_user_role( $user->ID );
} else {
$bb_press_role = '';
}
$roles = array();
foreach ( $user->roles as $role) {
if (!empty($bb_press_role) && $bb_press_role === $role) {
// exclude bbPress assigned role
continue;
}
$roles[] = $role;
}
array_shift( $roles ); // exclude primary role which is shown by WordPress itself
return $roles;
}
// end of get_roles_array()
private function roles_select_html($user, $context) {
global $wp_roles;
$user_roles = $user->roles;
$primary_role = array_shift($user_roles);
$roles = apply_filters('editable_roles', $wp_roles->roles); // exclude restricted roles if any
$roles = array_reverse( $roles );
if (isset($roles[$primary_role])) { // exclude role assigned to the user as a primary role
unset($roles[$primary_role]);
}
$button_number = (self::$counter>0) ? '_2': '';
echo '<select multiple="multiple" id="ure_select_other_roles'. $button_number .'" name="ure_select_other_roles" style="width: 500px;" >'."\n";
foreach($roles as $key=>$role) {
echo '<option value="'.$key.'" >'.$role['name'].'</option>'."\n";
} // foreach()
echo '</select><br>'."\n";
if ($context=='add-new-user' || $context=='add-existing-user') {
// Get other default roles
$other_roles = $this->lib->get_option('other_default_roles', array());
} else {
$other_roles = $this->get_roles_array($user);
}
if (is_array($other_roles) && count($other_roles) > 0) {
$other_roles_str = implode(',', $other_roles);
} else {
$other_roles_str = '';
}
echo '<input type="hidden" name="ure_other_roles" id="ure_other_roles'. $button_number .'" value="' . $other_roles_str . '" />';
$output = $this->lib->roles_text($other_roles);
echo '<span id="ure_other_roles_list'. $button_number .'">'. $output .'</span>';
self::$counter++;
}
// end of roles_select()
/**
* Returns comma separated string of capabilities directly (not through the roles) assigned to the user
*
* @global WP_Roles $wp_roles
* @param object $user
* @return string
*/
private function get_user_caps_str( $user ) {
global $wp_roles;
$output = '';
foreach ($user->caps as $cap => $value) {
if (!$wp_roles->is_role($cap)) {
if ('' != $output) {
$output .= ', ';
}
$output .= $value ? $cap : sprintf(__('Denied: %s'), $cap);
}
}
return $output;
}
// end of get_user_caps_str()
private function user_profile_capabilities($user) {
$current_user_id = get_current_user_id();
$user_caps = $this->get_user_caps_str( $user );
?>
<tr>
<th>
<?php esc_html_e('Capabilities', 'user-role-editor'); ?>
</th>
<td>
<?php
echo $user_caps .'<br/>';
if ($this->lib->user_is_admin( $current_user_id ) ) {
echo '<a href="' . wp_nonce_url("users.php?page=users-".URE_PLUGIN_FILE."&object=user&amp;user_id={$user->ID}", "ure_user_{$user->ID}") . '">' .
esc_html__('Edit', 'user-role-editor') . '</a>';
}
?>
</td>
</tr>
<?php
}
// end of user_profile_capabilities()
private function display($user, $context) {
?>
<table class="form-table">
<tr>
<th scope="row"><?php esc_html_e('Other Roles', 'user-role-editor'); ?></th>
<td>
<?php
$this->roles_select_html($user, $context);
?>
</td>
</tr>
<?php
if ($context=='user-edit') {
$this->user_profile_capabilities($user);
}
?>
</table>
<?php
}
// end of display()
private function is_user_profile_extention_allowed() {
// Check if we are not at the network admin center
$result = stripos($_SERVER['REQUEST_URI'], 'network/user-edit.php') == false;
return $result;
}
// end of is_user_profile_extention_allowed()
/**
* Add URE stuff to the edit user profile page
*
* @param object $user
* @return void
*/
public function edit_user_profile_html($user) {
if (!$this->is_user_profile_extention_allowed()) {
return;
}
$show = apply_filters('ure_show_additional_capabilities_section', true);
if (empty($show)) {
return;
}
if ( !current_user_can('promote_users') ) {
return; // No permissions to promote users
}
?>
<h3><?php esc_html_e('Additional Capabilities', 'user-role-editor'); ?></h3>
<?php
$this->display($user, 'user-edit');
}
// end of edit_user_profile_html()
public function user_new_form( $context ) {
$show = apply_filters('ure_show_additional_capabilities_section', true);
if (empty($show)) {
return;
}
if ( !current_user_can('promote_users') ) {
return; // No permissions to promote users
}
$user = new WP_User();
$this->display( $user, $context );
}
// end of user_new_form()
/*
* Save additional user roles when user profile is updated, as WordPress itself doesn't know about them
* Returns different numbers for automatic testing purpose
*/
public function update( $user_id ) {
if ( !current_user_can('promote_users') ) {
return -1; // No permissions to promote users
}
if ( !current_user_can('edit_user', $user_id) ) {
return -1; // No permissions to edit this user
}
if ( !isset( $_POST['ure_other_roles'] ) ) {
return 3; // Add default other roles, there is no related data at the POST
}
if ( empty( $_POST['ure_other_roles'] ) ) {
return 1; // There is no need in processing of other roles. User did not select them
}
$user = get_userdata( $user_id );
$data = explode(',', str_replace(' ', '', $_POST['ure_other_roles'] ) );
$editable_roles = get_editable_roles();
$ure_other_roles = array();
foreach( $data as $role_id ) {
if ( empty( $role_id ) ) {
continue;
}
if ( !isset( $editable_roles[ $role_id ] ) ) {
return -2; // If the role isn't editable by the current user, stop processing - no permission to assign this role.
}
if ( is_array( $user->roles ) && !in_array( $role_id, $user->roles ) ) {
$ure_other_roles[] = $role_id;
}
}
foreach( $ure_other_roles as $role ) {
$user->add_role( $role );
}
return 2;
}
// end of update()
public function add_default_other_roles( $user_id ) {
if ( empty( $user_id ) ) {
return false;
}
$user = get_user_by('id', $user_id );
if ( empty( $user->ID ) ) {
return true;
}
// Get default roles if any
$other_default_roles = $this->lib->get_option('other_default_roles', array() );
if ( count( $other_default_roles ) == 0 ) {
return true;
}
foreach ( $other_default_roles as $role ) {
if ( !isset( $user->caps[$role] ) ) {
$user->add_role( $role );
}
}
}
// end of add_default_other_roles()
public function add_other_roles( $user_id ) {
if ( empty( $user_id ) ) {
return false;
}
$result = $this->update( $user_id );
if ( $result==3 ) { // Other roles were not selected manually
$this->add_default_other_roles( $user_id );
}
}
// end of add_other_roles()
}
// end of URE_User_Other_Roles class

987
wp/wp-content/plugins/user-role-editor/includes/classes/user-role-editor.php Normal file
View File

@@ -0,0 +1,987 @@
<?php
/*
* Main class of User Role Editor WordPress plugin
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://www.role-editor.com
* License: GPL v2+
*
*/
class User_Role_Editor {
protected static $instance = null; // object exemplar reference
// plugin specific library object: common code stuff, including options data processor
protected $lib = null;
// work with user multiple roles class
protected $user_other_roles = null;
// plugin's Settings page reference, we've got it from add_options_pages() call
protected $settings_page_hook = null;
// URE's key capability
public $key_capability = 'not allowed';
protected $main_page_hook_suffix = null;
protected $settings_hook_suffix = null;
// URE pages hook suffixes
protected $ure_hook_suffixes = null;
public static function get_instance() {
if ( self::$instance===null ) {
self::$instance = new User_Role_Editor();
}
return self::$instance;
}
// end of get_instance()
/**
* Prevent cloning of a *Singleton* instance
*
* @return void
*/
public function __clone() {
throw new \Exception('Do not clone a singleton instance.');
}
// end of __clone()
/**
* Prevent unserializing of a *Singleton* instance.
*
* @return void
*/
public function __wakeup() {
throw new \Exception('Do not unserialize a singleton instance.');
}
// end of __wakeup()
/**
* class constructor
*/
protected function __construct() {
if (empty($this->lib)) {
$this->lib = URE_Lib::get_instance('user_role_editor');
}
$this->user_other_roles = new URE_User_Other_Roles();
if ($this->lib->is_pro()) {
$this->main_page_hook_suffix = 'users_page_users-user-role-editor-pro';
$this->settings_hook_suffix = 'settings_page_settings-user-role-editor-pro';
} else {
$this->main_page_hook_suffix = 'users_page_users-user-role-editor';
$this->settings_hook_suffix = 'settings_page_settings-user-role-editor';
}
$this->ure_hook_suffixes = array($this->settings_hook_suffix, $this->main_page_hook_suffix);
// Activation action
register_activation_hook( URE_PLUGIN_FULL_PATH, array($this, 'setup') );
// Deactivation action
register_deactivation_hook( URE_PLUGIN_FULL_PATH, array($this, 'cleanup') );
// Who can use this plugin
$this->key_capability = URE_Own_Capabilities::get_key_capability();
// Process URE's internal tasks queue
$task_queue = URE_Task_Queue::get_instance();
$task_queue->process();
$this->set_hooks();
}
// end of __construct()
private function set_hooks() {
$multisite = $this->lib->get('multisite');
if ($multisite) {
// new blog may be registered not at admin back-end only but automatically after new user registration, e.g.
// Gravity Forms User Registration Addon does
add_action( 'wp_initialize_site', array($this, 'duplicate_roles_for_new_blog'), 99, 1);
}
// setup additional options hooks for the roles
add_action('init', array($this, 'set_role_additional_options_hooks'), 9);
if (!is_admin()) {
return;
}
add_action( 'admin_init', array($this, 'plugin_init'), 1 );
// Add the translation function after the plugins loaded hook.
add_action('plugins_loaded', array($this, 'load_translation'));
// add own submenu
add_action('admin_menu', array($this, 'plugin_menu'));
if ( $multisite ) {
// add own submenu
add_action( 'network_admin_menu', array($this, 'network_plugin_menu') );
}
// add a Settings link in the installed plugins page
add_filter('plugin_action_links_'. URE_PLUGIN_BASE_NAME, array($this, 'plugin_action_links'), 10, 1);
add_filter('plugin_row_meta', array($this, 'plugin_row_meta'), 10, 2);
}
// end of set_hooks()
/**
* True - if it's an instance of Pro version, false - for free version
* @return boolean
*/
public function is_pro() {
return $this->lib->is_pro();
}
// end of is_pro()
public function load_users_page() {
add_action('restrict_manage_users', array($this, 'show_move_users_from_no_role_button'));
add_action('admin_head', array($this, 'add_css_to_users_page'));
add_action('admin_footer', array($this, 'add_js_to_users_page'));
}
// end of load_users_page()
/**
* Plugin initialization
*
*/
public function plugin_init() {
global $pagenow;
$user_id = get_current_user_id();
$supress_protection = apply_filters('ure_supress_administrators_protection', false);
// these filters and actions should prevent editing users with administrator role
// by other users with 'edit_users' capability
if (!$supress_protection && !$this->lib->user_is_admin($user_id)) {
new URE_Protect_Admin();
}
add_action('admin_enqueue_scripts', array($this, 'admin_load_js'));
add_action('user_row_actions', array($this, 'user_row'), 10, 2);
add_filter('all_plugins', array($this, 'exclude_from_plugins_list'));
$multisite = $this->lib->get('multisite');
if ($multisite) {
$allow_edit_users_to_not_super_admin = $this->lib->get_option('allow_edit_users_to_not_super_admin', 0);
if ($allow_edit_users_to_not_super_admin) {
// Make this as late as possible, to overwrite settings made by other plugins, like WooCommerce
add_filter('map_meta_cap', array($this, 'restore_users_edit_caps'), 99, 4);
remove_all_filters('enable_edit_any_user_configuration');
add_filter('enable_edit_any_user_configuration', '__return_true');
// make this as early as you can, to not provide superadmin privilege when it's not needed
add_action('admin_head', array($this, 'edit_user_permission_check'), 1);
if ($pagenow == 'user-new.php') {
add_filter('site_option_site_admins', array($this, 'allow_add_user_as_superadmin'));
}
}
if ( $pagenow=='site-users.php' ) {
// Try to execute before any other function linked to this filter
add_filter('editable_roles', array($this, 'fix_network_admin_roles_dropdown'), 9 );
}
} else {
$count_users_without_role = $this->lib->get_option('count_users_without_role', 0);
if ($count_users_without_role) {
add_action( 'load-users.php', array($this, 'load_users_page') );
}
}
$bulk_grant_roles = apply_filters('ure_bulk_grant_roles', true);
if ($bulk_grant_roles) {
new URE_Grant_Roles();
}
add_action('wp_ajax_ure_ajax', array($this, 'ure_ajax'));
add_action('editable_roles', array( $this, 'translate_custom_roles' ), 10, 1 );
// Input parameter $roles_sorting_order = false by default
// Acceptable values:
// true - sort by role ID (for backward compatibility),
// 'id' - sort roles by role ID,
// 'name' - sort roles by role name.
$roles_sorting_order = apply_filters( 'ure_sort_wp_roles_list', false);
if ( !empty( $roles_sorting_order ) ) {
$this->lib->set('roles_sorting_order', $roles_sorting_order );
add_filter('editable_roles', array( $this, 'sort_wp_roles_list' ), 11, 1 );
}
}
// end of plugin_init()
/**
* Allow non-superadmin user to add/create users to the site as superadmin does.
* Include current user to the list of superadmins - for the user-new.php page only, and
* if user really can create_users and promote_users
* @global string $pagenow
* @param array $site_admins
* @return array
*/
public function allow_add_user_as_superadmin($site_admins) {
global $pagenow;
$this->lib->set_raised_permissions(false);
if ($pagenow!=='user-new.php') {
return $site_admins;
}
// Check if current user really can create and promote users
remove_filter('site_option_site_admins', array($this, 'allow_add_user_as_superadmin'));
$can_add_user = current_user_can('create_users') && current_user_can('promote_users');
add_filter('site_option_site_admins', array($this, 'allow_add_user_as_superadmin'));
if (!$can_add_user) {
return $site_admins; // no help in this case
}
$current_user = wp_get_current_user();
if (!in_array($current_user->user_login, $site_admins)) {
$this->lib->set_raised_permissions(true);
$site_admins[] = $current_user->user_login;
}
return $site_admins;
}
// end of allow_add_user_as_superadmin()
public function show_move_users_from_no_role_button() {
if ( !current_user_can( 'promote_users' ) ) {
return;
}
$assign_role = $this->lib->get_assign_role();
$assign_role->show_html();
}
// end of move_users_from_no_role()
public function add_css_to_users_page() {
wp_enqueue_style( 'wp-jquery-ui-dialog' );
wp_enqueue_style( 'ure-admin', URE_PLUGIN_URL . 'css/ure-admin.css', array(), URE_VERSION, 'screen' );
}
// end of add_css_to_users_page()
public function add_js_to_users_page() {
wp_enqueue_script('jquery-ui-dialog', '', array('jquery-ui-core','jquery-ui-button', 'jquery'), false, true );
wp_register_script( 'ure-users', plugins_url( '/js/users.js', URE_PLUGIN_FULL_PATH ), array(), URE_VERSION, true );
wp_enqueue_script ( 'ure-users' );
wp_localize_script( 'ure-users', 'ure_users_data', array(
'wp_nonce' => wp_create_nonce('user-role-editor'),
'move_from_no_role_title' => esc_html__('Change role for users without role', 'user-role-editor'),
'to' => esc_html__('To:', 'user-role-editor'),
'no_rights_caption' => esc_html__('No rights', 'user-role-editor'),
'provide_new_role_caption' => esc_html__('Provide new role', 'user-role-editor')
));
}
// end of add_js_to_users_page()
/**
* restore edit_users, delete_users, create_users capabilities for non-superadmin users under multisite
* (code is provided by http://wordpress.org/support/profile/sjobidoo)
*
* @param type $caps
* @param type $cap
* @param type $user_id
* @param type $args
* @return type
*/
public function restore_users_edit_caps($caps, $cap, $user_id, $args) {
foreach ($caps as $key => $capability) {
if ($capability != 'do_not_allow')
continue;
switch ($cap) {
case 'edit_user':
case 'edit_users':
$caps[$key] = 'edit_users';
break;
case 'delete_user':
case 'delete_users':
$caps[$key] = 'delete_users';
break;
case 'create_users':
$caps[$key] = $cap;
break;
}
}
return $caps;
}
// end of restore_user_edit_caps()
/**
* Checks that both the editing user and the user being edited are
* members of the blog and prevents the super admin being edited.
* (code is provided by http://wordpress.org/support/profile/sjobidoo)
*
*/
public function edit_user_permission_check() {
global $profileuser;
$current_user_id = get_current_user_id();
if ($current_user_id===0) {
return;
}
if ($this->lib->is_super_admin()) { // Superadmin may do all
return;
}
$screen = get_current_screen();
if (empty($screen)) {
return;
}
if ($screen->base !== 'user-edit' && $screen->base !== 'user-edit-network') {
return;
}
if ( !isset( $profileuser->ID ) ) {
return;
}
$current_blog_id = get_current_blog_id();
// editing a user profile: it's correct to call is_super_admin() directly here, as permissions are raised for the $current_user only
if ( !$this->lib->is_super_admin( $current_user_id ) && is_super_admin( $profileuser->ID ) ) { // trying to edit a superadmin while himself is less than a superadmin
wp_die( esc_html__('You do not have permission to edit this user.', 'user-role-editor') );
} elseif ( !( is_user_member_of_blog( $profileuser->ID, $current_blog_id ) && is_user_member_of_blog( $current_user_id, $current_blog_id ) ) ) { // editing user and edited user aren't members of the same blog
wp_die( esc_html__('You do not have permission to edit this user.', 'user-role-editor') );
}
}
// end of edit_user_permission_check()
/**
* Add/hide edit actions for every user row at the users list
*
* @global type $pagenow
* @param string $actions
* @param type $user
* @return string
*/
public function user_row($actions, $user) {
global $pagenow;
if ($pagenow!=='users.php') {
return $actions;
}
$current_user = wp_get_current_user();
if ($current_user->has_cap($this->key_capability)) {
$actions['capabilities'] = '<a href="' .
wp_nonce_url("users.php?page=users-" . URE_PLUGIN_FILE . "&object=user&amp;user_id={$user->ID}", "ure_user_{$user->ID}") .
'">' . esc_html__('Capabilities', 'user-role-editor') . '</a>';
}
return $actions;
}
// end of user_row()
/**
* Every time when new blog is created - duplicate for it the roles from the main blog
* @global wpdb $wpdb
* @global WP_Roles $wp_roles
* @param WP_Site $site
* @param int $user_id
*
*/
public function duplicate_roles_for_new_blog( $site ) {
global $wpdb, $wp_roles;
// get Id of 1st (main) blog
$main_blog_id = $this->lib->get_main_blog_id();
if ( empty( $main_blog_id ) ) {
return;
}
$current_blog = $wpdb->blogid;
if ( $current_blog!=$main_blog_id ) {
switch_to_blog( $main_blog_id );
}
$main_roles = new WP_Roles(); // Get roles from primary blog
$default_role = get_option( 'default_role' ); // get default role from primary blog
$addons_data = apply_filters( 'ure_get_addons_data_for_new_blog', array() ); // Load addons data to replicate later for the new site - for internal use in a Pro version
$blog_id = $site->blog_id;
switch_to_blog( $blog_id ); // switch to the new created blog
$main_roles->use_db = false; // do not touch DB
$main_roles->add_cap( 'administrator', 'dummy_123456' ); // just to save current roles into new blog
$main_roles->role_key = $wp_roles->role_key;
$main_roles->use_db = true; // save roles into new blog DB
$main_roles->remove_cap( 'administrator', 'dummy_123456' ); // remove unneeded dummy capability
update_option( 'default_role', $default_role ); // set default role for new blog as it set for primary one
if ( !empty($addons_data) ) {
do_action('ure_set_addons_data_for_new_blog', $blog_id, $addons_data); // save addons data from the main site/blog to the new site/blog - for internal use in a Pro version
}
switch_to_blog( $current_blog ); // return to blog where we were at the begin
}
// end of duplicate_roles_for_new_blog()
/**
* Filter out URE plugin from not admin users to prevent its not authorized deactivation
* @param type array $plugins plugins list
* @return type array $plugins updated plugins list
*/
public function exclude_from_plugins_list($plugins) {
$multisite = $this->lib->get('multisite');
// if multi-site, then allow plugin activation for network superadmins and, if that's specially defined, - for single site administrators too
if ($multisite) {
if ($this->lib->is_super_admin() || $this->lib->user_is_admin()) {
return $plugins;
}
} else {
// is_super_admin() defines superadmin for not multisite as user who can 'delete_users' which I don't like.
// So let's check if user has 'administrator' role better.
if (current_user_can('administrator') || $this->lib->user_is_admin()) {
return $plugins;
}
}
// exclude URE from plugins list
$key = basename(URE_PLUGIN_DIR) . '/' . URE_PLUGIN_FILE;
unset($plugins[$key]);
return $plugins;
}
// end of exclude_from_plugins_list()
/**
* Load plugin translation files - linked to the 'plugins_loaded' action
*
*/
function load_translation() {
load_plugin_textdomain('user-role-editor', false, dirname( plugin_basename( URE_PLUGIN_FULL_PATH ) ) .'/lang');
if ( function_exists('pll_register_string') ) {
// Integration with PolyLang plugin (https://wordpress.org/plugins/polylang/)
$all_roles = wp_roles()->roles;
foreach( $all_roles as $role_id=>$role ) {
if ( !$this->lib->is_wp_built_in_role( $role_id ) ) {
pll_register_string( $role_id, $role['name'], 'user-role-editor' );
}
}
}
}
// end of ure_load_translation()
/**
* Modify plugin action links
*
* @param array $links
* @return array
*/
public function plugin_action_links($links) {
$single_site_settings_link = '<a href="options-general.php?page=settings-' . URE_PLUGIN_FILE . '">' . esc_html__('Settings', 'user-role-editor') .'</a>';
$multisite = $this->lib->get('multisite');
if (!$multisite ) {
$settings_link = $single_site_settings_link;
} else {
$ure = basename(URE_PLUGIN_DIR) . '/' . URE_PLUGIN_FILE;
$active_for_network = is_plugin_active_for_network($ure);
if (!$active_for_network) {
$settings_link = $single_site_settings_link;
} else {
if (!current_user_can('manage_network_plugins')) {
return $links;
}
$settings_link = '<a href="'. network_admin_url() .'settings.php?page=settings-'. URE_PLUGIN_FILE .'">'. esc_html__('Settings', 'user-role-editor') .'</a>';
}
}
array_unshift($links, $settings_link);
return $links;
}
// end of plugin_action_links()
public function plugin_row_meta($links, $file) {
if ($file == plugin_basename(dirname(URE_PLUGIN_FULL_PATH) .'/'.URE_PLUGIN_FILE)) {
$links[] = '<a target="_blank" href="https://www.role-editor.com/changelog">' . esc_html__('Changelog', 'user-role-editor') . '</a>';
}
return $links;
}
// end of plugin_row_meta
public function settings_screen_configure() {
$multisite = $this->lib->get('multisite');
$settings_page_hook = $this->settings_page_hook;
if ($multisite) {
$settings_page_hook .= '-network';
}
$screen = get_current_screen();
// Check if current screen is URE's settings page
if ($screen->id != $settings_page_hook) {
return;
}
$screen_help = new Ure_Screen_Help();
$screen->add_help_tab( array(
'id' => 'general',
'title' => esc_html__('General', 'user-role-editor'),
'content' => $screen_help->get_settings_help('general')
));
if ($this->lib->is_pro() || !$multisite) {
$screen->add_help_tab( array(
'id' => 'additional_modules',
'title' => esc_html__('Additional Modules', 'user-role-editor'),
'content' => $screen_help->get_settings_help('additional_modules')
));
}
$screen->add_help_tab( array(
'id' => 'default_roles',
'title' => esc_html__('Default Roles', 'user-role-editor'),
'content' => $screen_help->get_settings_help('default_roles')
));
if ($multisite) {
$screen->add_help_tab( array(
'id' => 'multisite',
'title' => esc_html__('Multisite', 'user-role-editor'),
'content' => $screen_help->get_settings_help('multisite')
));
}
}
// end of settings_screen_configure()
public function plugin_menu() {
if (function_exists('add_submenu_page')) {
$ure_page = add_submenu_page(
'users.php',
esc_html__('User Role Editor', 'user-role-editor'),
esc_html__('User Role Editor', 'user-role-editor'),
'ure_edit_roles',
'users-' . URE_PLUGIN_FILE,
array($this, 'edit_roles'));
add_action("admin_print_styles-$ure_page", array($this, 'admin_css_action'));
}
$multisite = $this->lib->get('multisite');
$active_for_network = $this->lib->get('active_for_network');
if ( !$multisite || ($multisite && !$active_for_network) ) {
$settings_capability = URE_Own_Capabilities::get_settings_capability();
$this->settings_page_hook = add_options_page(
esc_html__('User Role Editor', 'user-role-editor'),
esc_html__('User Role Editor', 'user-role-editor'),
$settings_capability,
'settings-' . URE_PLUGIN_FILE,
array($this, 'settings'));
add_action( 'load-'.$this->settings_page_hook, array($this,'settings_screen_configure') );
add_action("admin_print_styles-{$this->settings_page_hook}", array($this, 'settings_css_action'));
}
}
// end of plugin_menu()
public function network_plugin_menu() {
if (is_multisite()) {
$this->settings_page_hook = add_submenu_page(
'settings.php',
esc_html__('User Role Editor', 'user-role-editor'),
esc_html__('User Role Editor', 'user-role-editor'),
$this->key_capability,
'settings-' . URE_PLUGIN_FILE,
array(&$this, 'settings'));
add_action( 'load-'.$this->settings_page_hook, array($this,'settings_screen_configure') );
add_action("admin_print_styles-{$this->settings_page_hook}", array($this, 'settings_css_action'));
}
}
// end of network_plugin_menu()
public function settings() {
$settings_capability = URE_Own_Capabilities::get_settings_capability();
if (!current_user_can($settings_capability)) {
wp_die(esc_html__( 'You do not have sufficient permissions to manage options for User Role Editor.', 'user-role-editor' ));
}
URE_Settings::show();
}
// end of settings()
public function admin_css_action() {
wp_enqueue_style('wp-jquery-ui-selectable');
wp_enqueue_style('ure-jquery-ui-general', URE_PLUGIN_URL . 'css/jquery-ui.min.css', array(), URE_VERSION, 'screen');
wp_enqueue_style('ure-admin', URE_PLUGIN_URL . 'css/ure-admin.css', array(), URE_VERSION, 'screen');
}
// end of admin_css_action()
public function settings_css_action() {
wp_enqueue_style('ure-jquery-ui-tabs', URE_PLUGIN_URL . 'css/jquery-ui.min.css', array(), URE_VERSION, 'screen');
wp_enqueue_style('ure-admin', URE_PLUGIN_URL . 'css/ure-admin.css', array(), URE_VERSION, 'screen');
}
// end of admin_css_action()
// call roles editor page
public function edit_roles() {
if (!current_user_can('ure_edit_roles')) {
wp_die(esc_html__('Insufficient permissions to work with User Role Editor', 'user-role-editor'));
}
$editor = URE_Editor::get_instance();
$editor->show();
}
// end of edit_roles()
/**
* Create backup record for the WordPress user roles
* Run once on URE activation
*
* @global wpdb $wpdb
* @global WP_Roles $wp_roles
* @return type
*/
protected function backup_wp_roles() {
global $wpdb;
$site_id = get_current_blog_id();
$backup_roles_key = $wpdb->get_blog_prefix($site_id) .'backup_user_roles';
// check if backup user roles record exists already
$result = get_option($backup_roles_key, false);
if (!empty($result)) {
return;
}
$wp_roles = wp_roles();
update_option($backup_roles_key, $wp_roles->roles, false);
}
// end of backup_wp_roles()
/**
* execute on plugin activation
*/
function setup() {
$this->backup_wp_roles();
URE_Own_Capabilities::init_caps();
$task_queue = URE_Task_Queue::get_instance();
$task_queue->add('on_activation');
}
// end of setup()
protected function get_ure_page_url() {
$page_url = admin_url() . URE_PARENT . '?page=users-' . URE_PLUGIN_FILE;
$object = $this->lib->get_request_var('object', 'get');
$user_id = (int) $this->lib->get_request_var('user_id', 'get', 'int');
if ($object=='user' && $user_id>0) {
$page_url .= '&object=user&user_id='. $user_id;
}
return $page_url;
}
// end of get_ure_page_url()
protected function load_main_page_js() {
$confirm_role_update = $this->lib->get_option('ure_confirm_role_update', 1);
$page_url = $this->get_ure_page_url();
$multisite = $this->lib->get('multisite');
if ( !( $multisite && $this->lib->is_super_admin() ) ) {
$do_not_revoke_from_admin = true;
} else {
// do not limit SuperAdmin for multi-site
$do_not_revoke_from_admin = false;
}
wp_enqueue_script('jquery-ui-dialog', '', array('jquery-ui-core', 'jquery-ui-button', 'jquery'), false, true );
wp_enqueue_script('jquery-ui-selectable', '', array('jquery-ui-core', 'jquery'), false, true );
wp_enqueue_script('notifyjs', plugins_url('/js/notify.min.js', URE_PLUGIN_FULL_PATH ), array(), URE_VERSION, true );
wp_register_script('ure', plugins_url('/js/ure.js', URE_PLUGIN_FULL_PATH ), array(), URE_VERSION, true );
wp_enqueue_script('ure');
wp_localize_script('ure', 'ure_data', array(
'wp_nonce' => wp_create_nonce('user-role-editor'),
'network_admin' => is_network_admin() ? 1 : 0,
'page_url' => $page_url,
'is_multisite' => is_multisite() ? 1 : 0,
'do_not_revoke_from_admin' => $do_not_revoke_from_admin ? 1 : 0,
'confirm_role_update' => $confirm_role_update ? 1 : 0,
'confirm_title' => esc_html__('Confirm', 'user-role-editor'),
'yes_label' => esc_html__('Yes', 'user-role-editor'),
'no_label' => esc_html__('No', 'user-role-editor'),
'update' => esc_html__('Update', 'user-role-editor'),
'confirm_submit' => esc_html__('Please confirm permissions update', 'user-role-editor'),
'add_new_role_title' => esc_html__('Add New Role', 'user-role-editor'),
'rename_role_title' => esc_html__('Rename Role', 'user-role-editor'),
'role_name_required' => esc_html__(' Role name (ID) can not be empty!', 'user-role-editor'),
'role_name_valid_chars' => esc_html__(' Role name (ID) must contain latin characters, digits, hyphens or underscore only!', 'user-role-editor'),
'numeric_role_name_prohibited' => esc_html__(' WordPress does not support numeric Role name (ID). Add latin characters to it.', 'user-role-editor'),
'add_role' => esc_html__('Add Role', 'user-role-editor'),
'rename_role' => esc_html__('Rename Role', 'user-role-editor'),
'delete_role' => esc_html__('Delete Role', 'user-role-editor'),
'cancel' => esc_html__('Cancel', 'user-role-editor'),
'add_capability' => esc_html__('Add Capability', 'user-role-editor'),
'delete_capability' => esc_html__('Delete Capability', 'user-role-editor'),
'default_role' => esc_html__('Default Role', 'user-role-editor'),
'set_new_default_role' => esc_html__('Set New Default Role', 'user-role-editor'),
'delete_capability' => esc_html__('Delete Capability', 'user-role-editor'),
'delete_capability_warning' => esc_html__('Warning! Be careful - removing critical capability could crash some plugin or other custom code', 'user-role-editor'),
'capability_name_required' => esc_html__(' Capability name (ID) can not be empty!', 'user-role-editor'),
'capability_name_valid_chars' => esc_html__(' Capability name (ID) must contain latin characters, digits, hyphens or underscore only!', 'user-role-editor'),
));
// load additional JS stuff for Pro version, if exists
do_action('ure_load_js');
}
// end of load_main_page_js()
protected function load_settings_js() {
$page_url = $this->get_ure_page_url();
wp_enqueue_script('jquery-ui-tabs', '', array('jquery-ui-core', 'jquery'), false, true );
wp_enqueue_script('jquery-ui-dialog', '', array('jquery-ui-core', 'jquery'), false, true );
wp_enqueue_script('jquery-ui-button', '', array('jquery-ui-core', 'jquery'), false, true );
wp_register_script('ure-settings', plugins_url('/js/settings.js', URE_PLUGIN_FULL_PATH ), array(), URE_VERSION, true );
wp_enqueue_script('ure-settings');
wp_localize_script('ure-settings', 'ure_data', array(
'wp_nonce' => wp_create_nonce('user-role-editor'),
'network_admin' => is_network_admin() ? 1 : 0,
'page_url' => $page_url,
'is_multisite' => is_multisite() ? 1 : 0,
'confirm_title' => esc_html__('Confirm', 'user-role-editor'),
'yes_label' => esc_html__('Yes', 'user-role-editor'),
'no_label' => esc_html__('No', 'user-role-editor'),
'reset' => esc_html__('Reset', 'user-role-editor'),
'reset_warning' => '<span style="color: red;">'. esc_html__('DANGER!', 'user-role-editor') .'</span>'.
esc_html__(' Resetting will restore default user roles and capabilities from WordPress core.', 'user-role-editor') .'<br><br>'.
esc_html__('If any plugins (such as WooCommerce, S2Member and many others) have changed user roles and capabilities during installation, all those changes will be LOST!', 'user-role-editor') .'<br>'.
esc_html__('For more information on how to undo undesired changes and restore plugin capabilities go to', 'user-role-editor') .'<br>'.
'<a href="http://role-editor.com/how-to-restore-deleted-wordpress-user-roles/">http://role-editor.com/how-to-restore-deleted-wordpress-user-roles/</a>' .'<br><br>'.
esc_html__('Continue?', 'user-role-editor'),
'reset_roles_secure_text' => URE_Tools::RESET_ROLES_SECURE_TEXT
));
do_action('ure_load_js_settings');
}
// end of load_settings_js()
/**
* Load plugin javascript stuff
*
* @param string $hook_suffix
*/
public function admin_load_js($hook_suffix) {
URE_Known_JS_CSS_Compatibility_Issues::fix($hook_suffix, $this->ure_hook_suffixes);
if ($hook_suffix==$this->main_page_hook_suffix) {
$this->load_main_page_js();
} elseif($hook_suffix==$this->settings_hook_suffix) {
$this->load_settings_js();
}
}
// end of admin_load_js()
public function ure_ajax() {
$ajax_processor = new URE_Ajax_Processor();
$ajax_processor->dispatch();
}
// end of ure_ajax()
public function set_role_additional_options_hooks() {
$role_additional_options = URE_Role_Additional_Options::get_instance($this->lib);
$role_additional_options->set_active_items_hooks();
}
// end of set_role_additional_options_hooks()
private function sort_roles_by_name( $roles ) {
$role_names = array();
foreach( $roles as $role_id=>$role ) {
$role_names[$role_id] = $role['name'];
}
asort( $role_names );
$roles1 = array();
foreach( $role_names as $role_id=>$role_name ) {
$roles1[$role_id] = $roles[$role_id];
}
return $roles1;
}
// end of sort_roles_by_name()
/**
* Sort roles array alphabetically
* @param array $roles
* @return array
*/
public function sort_wp_roles_list( $roles ) {
$roles_sorting_order = $this->lib->get('roles_sorting_order');
if ( $roles_sorting_order==='id' || $roles_sorting_order===true ) {
// sort by role ID
ksort( $roles );
return $roles;
} else if ( $roles_sorting_order==='name') {
// sort by role name
$roles1 = $this->sort_roles_by_name( $roles );
return $roles1;
} else {
// change nothing
return $roles;
}
// wp-admin/includes/template.php: wp_dropdown_roles() showed roles returned by get_editable_roles() in reversed order, #932:
// $editable_roles = array_reverse( get_editable_roles() );
// so we may need to reverse them 1st, in order they will be reversed back to the ascending order
//$roles = array_reverse( $roles );
return $roles;
}
// end of sort_wp_roles_list()
/** Currently WordPress (tested up to version 5.9.3) shows "Change role to..." drop-down list at Network admin->Sites->selected site->Users with roles filled from the main site,
/* but should use roles list from the selected site. This function replaces roles list with roles from the selected site and
* excludes error messsage "Sorry, you are not allowed to give users that role.", when you try to grant to a user a role which does not exist at the selected site.
*
* @param array $roles
* @return array
*/
public function fix_network_admin_roles_dropdown( $roles ) {
// get selected site ID
$selected_blog_id = isset( $_REQUEST['id'] ) ? intval( $_REQUEST['id'] ) : 0;
if ( !$selected_blog_id ) {
return $roles;
}
$current_blog_id = get_current_blog_id();
if ( $current_blog_id!==$selected_blog_id ) {
switch_to_blog( $selected_blog_id );
}
remove_filter( 'editable_roles', array($this, 'fix_network_admin_roles_dropdown'), 9 );
$roles1 = get_editable_roles();
add_filter( 'editable_roles', array($this, 'fix_network_admin_roles_dropdown'), 9 );
if ( $current_blog_id!==$selected_blog_id ) {
restore_current_blog();
}
return $roles1;
}
// end of fix_network_admin_roles_dropdown()
/*
* Translate user role names, inluding custom roles added by user
*
*/
function translate_custom_roles( $roles ) {
foreach ($roles as $key => $value) {
$translated_name = esc_html__( $value['name'], 'user-role-editor' ); // get translation from URE language file, if exists
if ( $translated_name === $value['name'] ) {
if ( $this->lib->is_wp_built_in_role( $key ) ) {
// get WordPress internal translation
$translated_name = translate_user_role( $translated_name );
} elseif ( function_exists('pll_register_string') ) {
// Integration with PolyLang plugin (https://wordpress.org/plugins/polylang/)
$translated_name = pll__( $translated_name );
}
}
$roles[$key]['name'] = $translated_name;
}
$roles = apply_filters('ure_editable_roles', $roles );
return $roles;
}
// end of translate_custom_roles()
// execute on plugin deactivation
public function cleanup() {
}
// end of cleanup()
// excute on plugin uninstall via WordPress->Plugins->Delete
public static function uninstall() {
$uninstall = new URE_Uninstall;
$uninstall->act();
}
// end of uninstall()
}
// end of User_Role_Editor

210
wp/wp-content/plugins/user-role-editor/includes/classes/user-view.php Normal file
View File

@@ -0,0 +1,210 @@
<?php
/**
* User capabilities View class to output HTML with capabilities assigne to the user
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulya <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2016, Vladimir Garagulya
**/
class URE_User_View extends URE_View {
private $user_to_edit = null;
public function __construct() {
parent::__construct();
$this->user_to_edit = $this->editor->get('user_to_edit');
}
// end of __construct()
public function display_edit_dialogs() {
}
// end of display_edit_dialogs()
/**
* output HTML code to create URE toolbar
*
* @param boolean $role_delete
* @param boolean $capability_remove
*/
public function toolbar() {
?>
<div id="ure_toolbar" >
<div id="ure_update">
<button id="ure_update_role" class="ure_toolbar_button button-primary">Update</button>
<?php
do_action('ure_user_edit_toolbar_update');
?>
</div>
</div>
<?php
}
// end of toolbar()
private function get_user_info() {
$switch_to_user = '';
if (!is_multisite() || current_user_can('manage_network_users')) {
$anchor_start = '<a href="' . wp_nonce_url("user-edit.php?user_id={$this->user_to_edit->ID}", "ure_user_{$this->user_to_edit->ID}") . '" >';
$anchor_end = '</a>';
if (class_exists('user_switching') && current_user_can('switch_to_user', $this->user_to_edit->ID)) {
$switch_to_user_link = user_switching::switch_to_url($this->user_to_edit);
$switch_to_user = '<a href="' . esc_url($switch_to_user_link) . '">' . esc_html__('Switch&nbsp;To', 'user-switching') . '</a>';
}
} else {
$anchor_start = '';
$anchor_end = '';
}
$user_info = ' <span style="font-weight: bold;">' . $anchor_start . $this->user_to_edit->user_login;
if ($this->user_to_edit->display_name !== $this->user_to_edit->user_login) {
$user_info .= ' (' . $this->user_to_edit->display_name . ')';
}
$user_info .= $anchor_end . '</span>';
if (is_multisite() && $this->lib->is_super_admin($this->user_to_edit->ID)) {
$user_info .= ' <span style="font-weight: bold; color:red;">' . esc_html__('Network Super Admin', 'user-role-editor') . '</span>';
}
if (!empty($switch_to_user)) {
$user_info .= '&nbsp;&nbsp;&nbsp;&nbsp;' . $switch_to_user;
}
return $user_info;
}
// end of get_user_info()
public function show_primary_role_dropdown_list($user_roles) {
?>
<select name="primary_role" id="primary_role">
<?php
// Compare user role against currently editable roles
$user_roles = array_intersect( array_values( $user_roles ), array_keys( get_editable_roles() ) );
$user_primary_role = array_shift( $user_roles );
// print the full list of roles with the primary one selected.
wp_dropdown_roles($user_primary_role);
// print the 'no role' option. Make it selected if the user has no role yet.
$selected = ( empty($user_primary_role) ) ? 'selected="selected"' : '';
echo '<option value="" '. $selected.'>' . esc_html__('&mdash; No role for this site &mdash;') . '</option>';
?>
</select>
<?php
}
// end of show_primary_role_dropdown_list()
protected function show_secondary_roles() {
$show_admin_role = $this->lib->show_admin_role_allowed();
$values = array_values($this->user_to_edit->roles);
$primary_role = array_shift($values); // get 1st element from roles array
$roles = $this->editor->get('roles');
foreach ($roles as $role_id => $role) {
if (($show_admin_role || $role_id != 'administrator') && ($role_id !== $primary_role)) {
if ($this->editor->user_can($role_id)) {
$checked = 'checked="checked"';
} else {
$checked = '';
}
echo '<label for="wp_role_' . $role_id . '"><input type="checkbox" id="wp_role_' . $role_id .
'" name="wp_role_' . $role_id . '" value="' . $role_id . '"' . $checked . ' />&nbsp;' .
esc_html__($role['name'], 'user-role-editor') . '</label><br />';
}
}
}
// end of show_secondary_roles()
public function display() {
$caps_readable = $this->editor->get('caps_readable');
$show_deprecated_caps = $this->editor->get('show_deprecated_caps');
$edit_user_caps_mode = $this->editor->get_edit_user_caps_mode();
$caps_access_restrict_for_simple_admin = $this->lib->get_option('caps_access_restrict_for_simple_admin', 0);
$user_info = $this->get_user_info();
$select_primary_role = apply_filters('ure_users_select_primary_role', true);
?>
<div class="postbox" style="float:left;min-width:1000px;width: 100%;">
<div id="ure_user_caps_header">
<span id="ure_user_caps_title"><?php esc_html_e('Change capabilities for user', 'user-role-editor')?></span> <?php echo $user_info;?>
</div>
<div class="inside">
<table cellpadding="0" cellspacing="0" style="width: 100%;">
<tr>
<td>&nbsp;</td>
<td style="padding-left: 10px; padding-bottom: 5px;">
<?php
if ($this->lib->is_super_admin() || !is_multisite() || !class_exists('User_Role_Editor_Pro') || !$caps_access_restrict_for_simple_admin) {
if ($caps_readable) {
$checked = 'checked="checked"';
} else {
$checked = '';
}
?>
<input type="checkbox" name="ure_caps_readable" id="ure_caps_readable" value="1"
<?php echo $checked; ?> onclick="ure_main.turn_caps_readable();" />
<label for="ure_caps_readable"><?php esc_html_e('Show capabilities in human readable form', 'user-role-editor'); ?></label>&nbsp;&nbsp;&nbsp;
<?php
if ($show_deprecated_caps) {
$checked = 'checked="checked"';
} else {
$checked = '';
}
?>
<input type="checkbox" name="ure_show_deprecated_caps" id="ure_show_deprecated_caps" value="1"
<?php echo $checked; ?> onclick="ure_turn_deprecated_caps(<?php echo $this->user_to_edit->ID; ?>);"/>
<label for="ure_show_deprecated_caps"><?php esc_html_e('Show deprecated capabilities', 'user-role-editor'); ?></label>
<?php
}
?>
</td>
</tr>
<tr>
<td id="ure_user_roles">
<?php
if ($select_primary_role || $this->lib->is_super_admin()) {
?>
<div class="ure-user-role-section-title"><?php esc_html_e('Primary Role:', 'user-role-editor'); ?></div>
<?php
$this->show_primary_role_dropdown_list($this->user_to_edit->roles);
}
if (function_exists('bbp_filter_blog_editable_roles') ) { // bbPress plugin is active
?>
<div class="ure-user-role-section-title" style="margin-top: 5px;"><?php esc_html_e('bbPress Role:', 'user-role-editor'); ?></div>
<?php
$dynamic_roles = bbp_get_dynamic_roles();
$bbp_user_role = bbp_get_user_role($this->user_to_edit->ID);
if (!empty($bbp_user_role)) {
echo $dynamic_roles[$bbp_user_role]['name'];
}
}
?>
<div style="margin-top: 5px;margin-bottom: 5px; font-weight: bold;"><?php esc_html_e('Other Roles:', 'user-role-editor'); ?></div>
<?php
$this->show_secondary_roles();
?>
</td>
<td style="padding-left: 5px; padding-top: 5px; border-top: 1px solid #ccc; vertical-align: top;">
<?php $this->display_caps(false, $edit_user_caps_mode ); ?>
</td>
</tr>
</table>
<input type="hidden" name="object" value="user" />
<input type="hidden" name="user_id" value="<?php echo $this->user_to_edit->ID; ?>" />
</div>
</div>
<?php
}
// end of display()
}
// end of class URE_User_View

366
wp/wp-content/plugins/user-role-editor/includes/classes/view.php Normal file
View File

@@ -0,0 +1,366 @@
<?php
/**
* View class to output any HTML used at User Role Editor
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulya <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2016, Vladimir Garagulya
**/
class URE_View {
protected $lib = null;
protected $editor = null;
public function __construct() {
$this->lib = URE_Lib::get_instance();
$this->editor = URE_Editor::get_instance();
}
// end of __construct()
public function display() {}
public function toolbar() {}
/**
* display opening part of the HTML box with title and CSS style
*
* @param string $title
* @param string $style
*/
public function display_box_start($title, $style = '') {
?>
<div class="postbox" style="float: left; <?php echo $style; ?>">
<h3 style="cursor:default;"><span><?php echo $title ?></span></h3>
<div class="inside">
<?php
}
// end of display_box_start()
/**
* close HTML box opened by display_box_start() call
*/
public function display_box_end() {
?>
</div>
</div>
<?php
}
// end of display_box_end()
public function show_caps_groups() {
$groups = URE_Capabilities_Groups_Manager::get_instance();
$groups_list = $groups->get_groups_tree();
$output = '<ul id="ure_caps_groups_list">'. PHP_EOL;
foreach($groups_list as $group_id=>$group) {
if ($group_id=='all') {
$spacer = '';
$subgroup = '';
} else {
$spacer = 'style="padding-left: '. 15*$group['level'] .'px"';
$subgroup = '- ';
}
$output .= '<li id="ure_caps_group_'. $group_id .'" '. $spacer .'>' .
$subgroup . $group['caption'] .'</li>'. PHP_EOL;
}
$output .= '</ul>'. PHP_EOL;
echo $output;
}
// end of show_caps_groups()
private function deprecated_show_and_color($cap_id, $builtin_wp_caps, &$label_style, &$hidden_class) {
if ( isset( $builtin_wp_caps[$cap_id] ) &&
is_array( $builtin_wp_caps[$cap_id] ) &&
in_array('deprecated', $builtin_wp_caps[$cap_id] ) ) {
$show_deprecated_caps = $this->editor->get('show_deprecated_caps');
if (!$show_deprecated_caps) {
$hidden_class = 'hidden';
}
$label_style = 'style="color:#BBBBBB;"';
}
}
// end of deprecated_show_and_color()
private function blocked_for_single_admin_style($cap_id, &$label_style) {
$blocked = false;
$multisite = $this->lib->get('multisite');
if ($multisite && $this->editor->block_cap_for_single_admin($cap_id, true)) {
if ($this->lib->is_super_admin()) {
if (!is_network_admin()) {
$label_style = 'style="color: red;"';
}
} else {
$blocked = true;
}
}
return $blocked;
}
// end of blocked_for_single_admin_style()
// Get full capabilities list and exclude Visual Composer capabilities from it
// Do not take VC capabilities into account as VC stores not boolean values with them
protected function get_full_capabilities() {
$full_caps = $this->editor->get('full_capabilities');
foreach($full_caps as $key=>$capability) {
if (strpos($key, 'vc_access_rules_')!==false) {
unset($full_caps[$key]);
}
}
return $full_caps;
}
// end of get_full_capabilities()
/*
* Output HTML-code for capabilities list
* Used build output for response to AJAX request
* @param boolean $for_role - if true, it is role capabilities list, else - user specific capabilities list
* @param boolean $edit_mode - if false, capabilities checkboxes are shown as disable - readonly mode
*/
public function _show_capabilities( $for_role = true, $edit_mode=true ) {
$onclick_for_admin = '';
$multisite = $this->lib->get( 'multisite' );
$current_role = $this->editor->get( 'current_role' );
$user_to_edit = $this->editor->get( 'user_to_edit' );
$roles = $this->editor->get( 'roles' );
$full_capabilities = $this->get_full_capabilities();
$built_in_wp_caps = $this->lib->get_built_in_wp_caps();
$caps_readable = $this->editor->get( 'caps_readable' );
$caps_groups_manager = URE_Capabilities_Groups_Manager::get_instance();
$key_capability = URE_Own_Capabilities::get_key_capability();
$user_is_ure_admin = current_user_can( $key_capability );
$ure_caps = URE_Own_Capabilities::get_caps();
$output = '';
foreach ($full_capabilities as $capability) {
$cap_id = $capability['inner'];
if (!$user_is_ure_admin) {
if (isset($ure_caps[$cap_id]) ||
($multisite && $cap_id=='manage_network_plugins')) {
// exclude URE caps if user does not have full access to URE
continue;
}
}
$label_style = '';
$hidden_class = '';
$this->deprecated_show_and_color($cap_id, $built_in_wp_caps, $label_style, $hidden_class);
$blocked = $this->blocked_for_single_admin_style($cap_id, $label_style);
$classes = array('ure-cap-div');
if ($blocked) {
$classes[] = 'blocked';
$hidden_class = 'hidden';
}
if ($hidden_class) {
$classes[] = $hidden_class;
}
$cap_groups = $caps_groups_manager->get_cap_groups($cap_id, $built_in_wp_caps);
$classes = ure_array_merge( $classes, $cap_groups );
$checked = '';
$disabled = '';
if ($for_role) {
if (isset($roles[$current_role]['capabilities'][$cap_id]) &&
!empty($roles[$current_role]['capabilities'][$cap_id])) {
$checked = 'checked="checked"';
}
} else {
if (empty($edit_mode)) {
$disabled = 'disabled="disabled"';
} else {
$disabled = '';
}
if ($this->editor->user_can($cap_id)) {
$checked = 'checked="checked"';
if (!isset($user_to_edit->caps[$cap_id])) {
$disabled = 'disabled="disabled"';
}
}
}
$class = 'class="' . implode(' ', $classes) .'"';
$cap_id_esc = URE_Capability::escape($cap_id);
$cap_html = '<div id="ure_cap_div_'. $cap_id_esc .'" '. $class .'><input type="checkbox" name="' . $cap_id_esc . '" id="'.
$cap_id_esc . '" value="' . $cap_id .'" '. $checked . ' ' . $disabled . ' class="ure-cap-cb">';
if ($caps_readable) {
$cap_ind = 'human';
$cap_ind_alt = 'inner';
} else {
$cap_ind = 'inner';
$cap_ind_alt = 'human';
}
$cap_html .= '<label for="' . $cap_id_esc . '" id="' . $cap_id_esc . '_label" title="' . $capability[$cap_ind_alt] . '" ' . $label_style . ' >'.
$capability[$cap_ind] . '</label> </div>';
$output .= $cap_html;
}
return $output;
}
// end of _show_capabilities()
/**
* Output HTML-code for capabilities list
* Used to built full page output for usual HTTP request
* @param boolean $for_role - if true, it is role capabilities list, else - user specific capabilities list
* @param boolean $edit_mode - if false, capabilities checkboxes are shown as disable - readonly mode
*/
public function show_capabilities( $for_role = true, $edit_mode=true ) {
$output = '<div id="ure_caps_list_container">'
. '<div id="ure_caps_list">';
$output .= $this->_show_capabilities( $for_role, $edit_mode );
$output .= '</div></div>' ;
echo $output;
}
// end of show_capabilities()
// content of User Role Editor Pro advertisement slot - for direct call
public function advertise_pro() {
?>
<div id="ure_pro_advertisement" style="clear:left;display:block; float: left;">
<a href="https://www.role-editor.com?utm_source=UserRoleEditor&utm_medium=banner&utm_campaign=Plugins " target="_new" >
<?php
$hide_pro_banner = $this->lib->get_option('ure_hide_pro_banner', 0);
if ($hide_pro_banner) {
echo 'User Role Editor Pro: extended functionality, no advertisement - from $29.</a>';
} else {
?>
<img src="<?php echo URE_PLUGIN_URL; ?>images/user-role-editor-pro-728x90.jpg" alt="User Role Editor Pro"
title="More functionality and premium support with Pro version of User Role Editor."/>
</a><br />
<label for="ure_hide_pro_banner">
<input type="checkbox" name="ure_hide_pro_banner" id="ure_hide_pro_banner" onclick="ure_main.hide_pro_banner();"/>&nbsp;Thanks, hide this banner.
</label>
<?php
}
?>
</div>
<?php
}
// end of advertise_pro_version()
public function advertise_commercials() {
require_once(URE_PLUGIN_DIR . 'includes/classes/advertisement.php');
$this->advert = new URE_Advertisement();
$this->advert->display();
}
// end of advertisement()
public static function output_confirmation_dialog() {
?>
<div id="ure_confirmation_dialog" class="ure-modal-dialog">
<div id="ure_cd_html" style="padding:10px;"></div>
</div>
<?php
}
// end of output_confirmation_dialog()
public static function output_task_status_div() {
?>
<div id="ure_task_status" style="display:none;position:absolute;top:10px;right:10px;padding:10px;background-color:#000000;color:#ffffff;">
<img src="<?php echo URE_PLUGIN_URL .'images/ajax-loader.gif';?>" width="16" height="16"/> <?php esc_html_e('Working...','user-role-editor');?>
</div>
<?php
}
// end of output task_status_div()
private function show_select_all() {
$multisite = $this->lib->get('multisite');
$current_role = $this->editor->get('current_role');
$show = true;
if ($multisite) {
if ($current_role=='administrator' && !$this->lib->is_super_admin()) {
$show = false;
}
} elseif ($current_role=='administrator') {
$show = false;
}
return $show;
}
// end of show_select_all()
public function display_caps($for_role = true, $edit_mode=true) {
$caps_columns_quant = $this->editor->get('caps_columns_quant');
?>
<table id="ure_caps_container" cellpadding="0" cellspacing="0">
<tr>
<td id="ure_caps_groups_title"><span style="font-weight: bold;"><?php esc_html_e('Group', 'user-role-editor');?></span> (<?php esc_html_e('Total', 'user-role-editor');?>/<?php esc_html_e('Granted', 'user-role-editor');?>)</td>
<td id="ure_caps_select">
<div class="ure-table">
<?php
if ($this->show_select_all()) {
?>
<div class="ure-table-cell">
<input type="checkbox" id="ure_select_all_caps" name="ure_select_all_caps" value="ure_select_all_caps"/>
</div>
<?php
}
?>
<div class="ure-table-cell ure-caps-option nowrap">
<?php esc_html_e('Quick filter:', 'user-role-editor'); ?>&nbsp;
<input type="text" id="quick_filter" name="quick_filter" value="" size="10" onkeyup="ure_main.filter_capabilities(this.value);" />&nbsp;&nbsp;&nbsp;
<input type="checkbox" id="granted_only" name="granted_only" />
<label for="granted_only"><?php esc_html_e('Granted Only', 'user-role-editor'); ?></label>&nbsp;
</div>
<div class="ure-table-cell ure-caps-option nowrap">
<?php esc_html_e('Columns:', 'user-role-editor');?>
<select id="caps_columns_quant" name="caps_columns_quant" onchange="ure_main.change_caps_columns_quant();">
<option value="1" <?php selected(1, $caps_columns_quant);?> >1</option>
<option value="2" <?php selected(2, $caps_columns_quant);?> >2</option>
<option value="3" <?php selected(3, $caps_columns_quant);?> >3</option>
</select>
</div>
</div>
</td>
<td id="ure_toolbar_title">&nbsp;</td>
</tr>
<tr>
<td id="ure_caps_groups_td" class="ure-caps-cell">
<?php $this->show_caps_groups(); ?>
</td>
<td id="ure_caps_td" class="ure-caps-cell">
<?php $this->show_capabilities($for_role, $edit_mode); ?>
</td>
<td id="ure_toolbar_td" class="ure-caps-cell">
<?php $this->toolbar(); ?>
</td>
</tr>
</table>
<?php
}
// end of display_caps()
}
// end of class URE_View

125
wp/wp-content/plugins/user-role-editor/includes/classes/woocommerce-capabilities.php Normal file
View File

@@ -0,0 +1,125 @@
<?php
/**
* Class to provide the list of WooCommerce plugin user capabilities
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulya <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2016, Vladimir Garagulya
**/
class URE_Woocommerce_Capabilities {
public static $post_types = array('product', 'shop_order', 'shop_coupon', 'shop_webhook', 'product_variation', 'shop_order_refund');
private static $capability_types = array('product', 'shop_order', 'shop_coupon', 'shop_webhook');
public static function add_group_to_caps(&$caps, $post_type, $group) {
$post_types = $post_type .'s';
$caps['edit_'. $post_types][] = $group;
$caps['edit_others_'. $post_types][] = $group;
$caps['publish_'. $post_types][] = $group;
$caps['read_private_'. $post_types][] = $group;
$caps['delete_'. $post_types][] = $group;
$caps['delete_private_'. $post_types][] = $group;
$caps['delete_published_'. $post_types][] = $group;
$caps['delete_others_'. $post_types][] = $group;
$caps['edit_private_'. $post_types][] = $group;
$caps['edit_published_'. $post_types][] = $group;
}
// end of add_group_to_caps()
private static function add_base_caps(&$caps, $group, $subgroup, $cap_type) {
$cap_types = $cap_type .'s';
$caps['edit_'. $cap_type] = array('custom', 'custom_post_types', $group, $subgroup, $cap_type);
$caps['read_'. $cap_type] = array('custom', 'custom_post_types', $group, $subgroup, $cap_type);
$caps['delete_'. $cap_type] = array('custom', $group, $subgroup, $cap_type);
$caps['edit_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['edit_others_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['publish_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['read_private_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['delete_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['delete_private_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['delete_published_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['delete_others_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['edit_private_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['edit_published_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
}
// end of add_base_caps()
/**
* Returns full list of WooCommerce plugin user capabilities
*/
public static function get_caps_groups() {
$caps = array(
'manage_woocommerce'=>array('custom', 'woocommerce', 'woocommerce_core'),
'view_woocommerce_reports'=>array('custom', 'woocommerce', 'woocommerce_core'),
'view_admin_dashboard'=>array('custom', 'woocommerce', 'woocommerce_core')
);
// code was built on the base of woocommerce/includes/class-wc-install.php method WC_Install::get_core_capabilities()
$group = 'woocommerce';
foreach (self::$capability_types as $cap_type) {
$subgroup = $group .'_'. $cap_type;
self::add_base_caps($caps, $group, $subgroup, $cap_type);
$caps['manage_'. $cap_type .'_terms'] = array('custom', $group, $subgroup, $cap_type);
$caps['edit_'. $cap_type .'_terms'] = array('custom', $group, $subgroup, $cap_type);
$caps['delete_'. $cap_type .'_terms'] = array('custom', $group, $subgroup, $cap_type);
$caps['assign_'. $cap_type .'_terms'] = array('custom', $group, $subgroup, $cap_type);
}
$pto1 = get_post_type_object('product_variation');
if (empty($pto1) || $pto1->capability_type === 'product') { // default, not redefined by some plugin
// add capabilities group for the product_variation custom post type
self::add_group_to_caps($caps, 'product', 'woocommerce_product_variation');
self::add_group_to_caps($caps, 'product', 'product_variation');
} else {
$cap_type = 'product_variation';
$subgroup = $group .'_'. $cap_type;
self::add_base_caps($caps, $group, $subgroup, $cap_type);
}
$pto2 = get_post_type_object('shop_order_refund');
if (empty($pto2) || $pto2->capability_type === 'shop_order') { // default, not redefined by some plugin
// add capabilities group for the shop_order_refund custom post type
self::add_group_to_caps($caps, 'shop_order', 'woocommerce_shop_order_refund');
self::add_group_to_caps($caps, 'shop_order', 'shop_order_refund');
} else {
$cap_type = 'shop_order_variant';
$subgroup = $group .'_'. $cap_type;
self::add_base_caps($caps, $group, $subgroup, $cap_type);
}
return $caps;
}
// end of get()
/**
* This custom post types use capabilities from the other custom post types
* So we should define capabilities set for them manually
* @return array()
*/
public static function get_post_types_without_caps() {
$pt_without_caps = array();
$pto1 = get_post_type_object('product_variation');
if (!empty($pto1) && $pto1->capability_type === 'product') {
$pt_without_caps[] = $pto1->name;
}
$pto2 = get_post_type_object('shop_order_refund');
if (!empty($pto2) && $pto2->capability_type === 'shop_order') {
$pt_without_caps[] = $pto2->name;
}
return $pt_without_caps;
}
// end of get_post_types_without_caps()
}
// end of URE_Woocommerce_Capabilities class

14
wp/wp-content/plugins/user-role-editor/includes/define-constants.php Normal file
View File

@@ -0,0 +1,14 @@
<?php
/*
* User Role Editor WordPress plugin constants definitions
*
* Author: Vladimir Garagulia
* Author email: support@role-editor.com
* Author URI: https://role-editor.com
*
*/
define( 'URE_ERROR', 'Error was encountered' );
define( 'URE_PARENT', is_network_admin() ? 'network/users.php' : 'users.php' );
define( 'URE_KEY_CAPABILITY', 'ure_manage_options' );

2
wp/wp-content/plugins/user-role-editor/includes/index.php Normal file
View File

@@ -0,0 +1,2 @@
<?php
// Silence is golden.

35
wp/wp-content/plugins/user-role-editor/includes/loader.php Normal file
View File

@@ -0,0 +1,35 @@
<?php
/**
* Project: User Role Editor WordPress plugin
* Load related files
*
* Author: Vladimir Garagulia
* email: support@role-editor.com
*
**/
require_once( URE_PLUGIN_DIR .'includes/define-constants.php' );
require_once( URE_PLUGIN_DIR .'includes/misc-support-stuff.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/task-queue.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/own-capabilities.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/bbpress.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/assign-role.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/grant-roles.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/user-other-roles.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/protect-admin.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/ajax-processor.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/screen-help.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/known-js-css-compatibility-issues.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/role-additional-options.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/capability.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/woocommerce-capabilities.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/capabilities-groups-manager.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/capabilities.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/view.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/role-view.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/user-view.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/editor.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/tools.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/settings.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/uninstall.php' );
require_once( URE_PLUGIN_DIR .'includes/classes/user-role-editor.php' );

112
wp/wp-content/plugins/user-role-editor/includes/misc-support-stuff.php Normal file
View File

@@ -0,0 +1,112 @@
<?php
/*
* User Role Editor WordPress plugin
* Miscellaneous support stuff, which should still be defined beyond of classes
*
* Author: Vladimir Garagulya
* Author email: suport@role-editor.com
* Author URI: https://role-editor.com
* License: GPL v3
*
*/
// if Gravity Forms is installed
if ( class_exists( 'GFForms' ) ) {
/*
* Support for Gravity Forms capabilities
* As Gravity Form has integrated support for the Members plugin - let's imitate its presense, so GF code, like
* self::has_members_plugin()) considers that it is has Members plugin
*/
if ( !function_exists( 'members_get_capabilities' ) ) {
include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
if ( ! is_plugin_active( 'members/members.php' ) ) {
/*
* Define stub function to say "Gravity Forms" plugin: 'Hey! Yes, I'm not the "Members" plugin, but I'm "User Role Editor" and
* I'm capable to manage your roles and capabilities too.
*/
function members_get_capabilities() {
}
}
}
}
if ( ! function_exists( 'ure_get_post_view_access_users' ) ) {
/*
* Returns the list of users with front-end content view restrictions
*/
function ure_get_post_view_access_users( $post_id ) {
if ( ! $GLOBALS['user_role_editor']->is_pro() ) {
return false;
}
$result = $GLOBALS['user_role_editor']->get_post_view_access_users( $post_id );
return $result;
}
// end of ure_get_post_view_users()
}
if ( ! function_exists( 'ure_hide_admin_bar' ) ) {
function ure_hide_admin_bar() {
show_admin_bar(false);
}
// end of hide_admin_bar()
}
if ( ! function_exists( 'wp_roles' ) ) {
/**
* Included for back compatibility with WP 4.0+
* Retrieves the global WP_Roles instance and instantiates it if necessary.
*
* @since 4.3.0
*
* @global WP_Roles $wp_roles WP_Roles global instance.
*
* @return WP_Roles WP_Roles global instance if not already instantiated.
*/
function wp_roles() {
global $wp_roles;
if (!isset($wp_roles)) {
$wp_roles = new WP_Roles();
}
return $wp_roles;
}
}
if ( ! function_exists( 'ure_array_merge' ) ) {
/**
* Wrapper for PHP array_merge() function - for 2 input parameters only
* Excludes PHP Fatal error: Uncaught TypeError: array_merge(): Argument #2 must be of type array
* Checks that parameters are not null and not empty before a real call of array_merge()
*/
function ure_array_merge( ...$args ) {
$result = array();
foreach( $args as $value ) {
if ( $value===null ) {
continue;
}
if ( !is_array( $value ) ) {
continue;
}
if ( empty( $value ) ) {
continue;
}
$result = array_merge( $result, $value );
}
return $result;
}
}

260
wp/wp-content/plugins/user-role-editor/includes/settings-template.php Normal file
View File

@@ -0,0 +1,260 @@
<?php
/*
* User Role Editor WordPress plugin options page
*
* @Author: Vladimir Garagulia
* @URL: https://role-editor.com
*
*/
$tabs_index = array();
?>
<div class="wrap">
<a href="http://role-editor.com">
<div id="ure-icon" class="icon32"><br></div>
</a>
<h1><?php esc_html_e( 'User Role Editor - Options', 'user-role-editor' ); ?></h1>
<div id="ure_tabs" style="clear: left; display: none;">
<ul>
<li><a href="#ure_tabs-1"><?php esc_html_e( 'General', 'user-role-editor' );?></a></li>
<?php
$tabs_index['1'] = 0;
if ( ! $license_key_only ) {
if ( $lib->is_pro() || ! $multisite ) {
?>
<li><a href="#ure_tabs-2"><?php esc_html_e( 'Additional Modules', 'user-role-editor' ); ?></a></li>
<?php
$tabs_index['2'] = 1;
}
?>
<li><a href="#ure_tabs-3"><?php esc_html_e( 'Default Roles', 'user-role-editor' ); ?></a></li>
<?php
$tabs_index['3'] = count( $tabs_index );
if ( $multisite && ( $lib->is_pro() || $lib->is_super_admin() ) ) {
?>
<li><a href="#ure_tabs-4"><?php esc_html_e( 'Multisite', 'user-role-editor' ); ?></a></li>
<?php
$tabs_index['4'] = count( $tabs_index );
}
}
?>
<li><a href="#ure_tabs-5"><?php esc_html_e( 'Tools', 'user-role-editor' );?></a></li>
<?php
$tabs_index['5'] = count($tabs_index);
?>
<li><a href="#ure_tabs-6"><?php esc_html_e( 'About', 'user-role-editor' );?></a></li>
</ul>
<div id="ure_tabs-1">
<div id="ure-settings-form">
<form method="post" action="<?php echo $link; ?>?page=settings-<?php echo URE_PLUGIN_FILE; ?>" >
<table id="ure_settings">
<?php
if ( ! $license_key_only ) {
?>
<tr>
<td>
<input type="checkbox" name="show_admin_role" id="show_admin_role" value="1" <?php checked( $show_admin_role, 1 ); ?>
<?php echo defined( 'URE_SHOW_ADMIN_ROLE' ) ? 'disabled="disabled" title="Predefined by \'URE_SHOW_ADMIN_ROLE\' constant at wp-config.php"' : ''; ?> />
<label for="show_admin_role"><?php esc_html_e( 'Show Administrator role at User Role Editor', 'user-role-editor' ); ?></label>
</td>
<td>
</td>
</tr>
<tr>
<td>
<input type="checkbox" name="caps_readable" id="caps_readable" value="1"
<?php checked( $caps_readable, 1); ?> />
<label for="caps_readable"><?php esc_html_e( 'Show capabilities in the human readable form', 'user-role-editor' ); ?></label>
</td>
<td>
</td>
</tr>
<tr>
<td>
<input type="checkbox" name="show_deprecated_caps" id="show_deprecated_caps" value="1" <?php checked( $show_deprecated_caps, 1 ); ?> />
<label for="show_deprecated_caps"><?php esc_html_e( 'Show deprecated capabilities', 'user-role-editor' ); ?></label>
</td>
<td>
</td>
</tr>
<tr>
<td>
<input type="checkbox" name="confirm_role_update" id="confirm_role_update" value="1" <?php checked( $confirm_role_update, 1 ); ?> />
<label for="confirm_role_update"><?php esc_html_e( 'Confirm role update', 'user-role-editor' ); ?></label>
</td>
<td>
</td>
</tr>
<tr>
<td>
<input type="checkbox" name="edit_user_caps" id="edit_user_caps" value="1" <?php checked( $edit_user_caps, 1 ); ?> />
<label for="edit_user_caps"><?php esc_html_e( 'Edit user capabilities', 'user-role-editor' ); ?></label>
</td>
<td>
</td>
</tr>
<tr>
<td>
<?php esc_html_e( 'Show capabilities in', 'user-role-editor' ); ?>&nbsp;
<select name="caps_columns_quant" id="caps_columns_quant">
<option value="1" <?php selected( $caps_columns_quant, 1 ); ?> >1</option>
<option value="2" <?php selected( $caps_columns_quant, 2 ); ?> >2</option>
<option value="3" <?php selected( $caps_columns_quant, 3 ); ?> >3</option>
</select>
<?php esc_html_e( 'columns', 'user-role-editor' ); ?>
</td>
<td>
</td>
</tr>
<?php
}
do_action( 'ure_settings_show1' );
?>
</table>
<?php wp_nonce_field( 'user-role-editor' ); ?>
<input type="hidden" name="ure_tab_idx" value="0" />
<p class="submit">
<input type="submit" class="button-primary" name="ure_settings_update" value="<?php esc_html_e( 'Save', 'user-role-editor' ) ?>" />
</p>
</form>
</div>
</div> <!-- ure_tabs-1 -->
<?php
if ( ! $license_key_only ) {
if ( $lib->is_pro() || ! $multisite ) {
?>
<div id="ure_tabs-2">
<form name="ure_additional_modules" method="post" action="<?php echo $link; ?>?page=settings-<?php echo URE_PLUGIN_FILE; ?>" >
<table id="ure_addons">
<?php
if ( ! $multisite ) {
?>
<tr>
<td>
<input type="checkbox" name="count_users_without_role" id="count_users_without_role" value="1" <?php checked( $count_users_without_role, 1 ); ?> />
<label for="count_users_without_role"><?php esc_html_e( 'Count users without role', 'user-role-editor' ); ?></label></td>
<td>
</td>
</tr>
<?php
}
?>
<?php
do_action( 'ure_settings_show2' );
?>
</table>
<?php wp_nonce_field( 'user-role-editor' ); ?>
<input type="hidden" name="ure_tab_idx" value="1" />
<p class="submit">
<input type="submit" class="button-primary" name="ure_addons_settings_update" value="<?php esc_html_e('Save', 'user-role-editor') ?>" />
</form>
</div>
<?php
}
?>
<div id="ure_tabs-3">
<form name="ure_default_roles" method="post" action="<?php echo $link; ?>?page=settings-<?php echo URE_PLUGIN_FILE; ?>" >
<?php
if ( ! $multisite ) {
esc_html_e( 'Primary default role: ', 'user-role-editor' );
echo $view->role_default_html;
?>
<hr>
<?php
}
?>
<?php esc_html_e( 'Other default roles for new registered user: ', 'user-role-editor' ); ?>
<div id="other_default_roles">
<?php self::show_other_default_roles(); ?>
</div>
<?php
if ( $multisite ) {
echo '<p>'. esc_html__( 'Note for multisite environment: take into account that other default roles should exist at the site, in order to be assigned to the new registered users.', 'user-role-editor' ) .'</p>';
}
?>
<hr>
<?php wp_nonce_field( 'user-role-editor' ); ?>
<input type="hidden" name="ure_tab_idx" value="<?php echo $tabs_index[3]; ?>" />
<p class="submit">
<input type="submit" class="button-primary" name="ure_default_roles_update" value="<?php esc_html_e( 'Save', 'user-role-editor' ) ?>" />
</p>
</form>
</div> <!-- ure_tabs-3 -->
<?php
if ( $multisite && ( $lib->is_pro() || $lib->is_super_admin() ) ) {
?>
<div id="ure_tabs-4">
<div id="ure-settings-form-ms">
<form name="ure_settings_ms" method="post" action="<?php echo $link; ?>?page=settings-<?php echo URE_PLUGIN_FILE; ?>" >
<table id="ure_settings_ms">
<?php
if ( $lib->is_super_admin() ) {
?>
<tr>
<td>
<input type="checkbox" name="allow_edit_users_to_not_super_admin" id="allow_edit_users_to_not_super_admin" value="1"
<?php checked( $allow_edit_users_to_not_super_admin, 1 ); ?> />
<label for="allow_edit_users_to_not_super_admin"><?php esc_html_e( 'Allow non super administrators to create, edit, and delete users', 'user-role-editor' ); ?></label>
</td>
<td>
</td>
</tr>
<?php
}
do_action( 'ure_settings_ms_show' );
?>
</table>
<?php wp_nonce_field( 'user-role-editor' ); ?>
<input type="hidden" name="ure_tab_idx" value="<?php echo $tabs_index[4]; ?>" />
<p class="submit">
<input type="submit" class="button-primary" name="ure_settings_ms_update" value="<?php esc_html_e( 'Save', 'user-role-editor' ); ?>" />
</p>
</form>
</div> <!-- ure-settings-form-ms -->
</div> <!-- ure_tabs-4 -->
<?php
}
} // if (!$license_key_only) {
?>
<div id="ure_tabs-5">
<?php
URE_Tools::show( $tabs_index[5] );
?>
</div> <!-- ure_tabs-5 -->
<div id="ure_tabs-6">
<?php
$lib->about();
?>
</div> <!-- ure_tabs-6 -->
</div> <!-- ure_tabs -->
</div>
<?php
URE_View::output_confirmation_dialog();
?>
<script>
jQuery(function($) {
$('#ure_tabs').tabs();
<?php
$ure_tab_idx = (int) $ure_tab_idx;
if ($ure_tab_idx>0 && $ure_tab_idx<=count($tabs_index)) {
?>
$('#ure_tabs').tabs('option', 'active', <?php echo $ure_tab_idx; ?>);
<?php
}
?>
$('#ure_tabs').show();
});
</script>

2
wp/wp-content/plugins/user-role-editor/index.php Normal file
View File

@@ -0,0 +1,2 @@
<?php
// Silence is golden.

2
wp/wp-content/plugins/user-role-editor/js/index.php Normal file
View File

@@ -0,0 +1,2 @@
<?php
// Silence is golden.

4289
wp/wp-content/plugins/user-role-editor/js/multiple-select.js Normal file
View File

File diff suppressed because it is too large Load Diff

10
wp/wp-content/plugins/user-role-editor/js/multiple-select.min.js vendored Normal file
View File

File diff suppressed because one or more lines are too long

625
wp/wp-content/plugins/user-role-editor/js/notify.js Normal file
View File

@@ -0,0 +1,625 @@
/* Notify.js - http://notifyjs.com/ Copyright (c) 2015 MIT */
(function (factory) {
// UMD start
// https://github.com/umdjs/umd/blob/master/jqueryPluginCommonjs.js
if (typeof define === 'function' && define.amd) {
// AMD. Register as an anonymous module.
define(['jquery'], factory);
} else if (typeof module === 'object' && module.exports) {
// Node/CommonJS
module.exports = function( root, jQuery ) {
if ( jQuery === undefined ) {
// require('jQuery') returns a factory that requires window to
// build a jQuery instance, we normalize how we use modules
// that require this pattern but the window provided is a noop
// if it's defined (how jquery works)
if ( typeof window !== 'undefined' ) {
jQuery = require('jquery');
}
else {
jQuery = require('jquery')(root);
}
}
factory(jQuery);
return jQuery;
};
} else {
// Browser globals
factory(jQuery);
}
}(function ($) {
//IE8 indexOf polyfill
var indexOf = [].indexOf || function(item) {
for (var i = 0, l = this.length; i < l; i++) {
if (i in this && this[i] === item) {
return i;
}
}
return -1;
};
var pluginName = "notify";
var pluginClassName = pluginName + "js";
var blankFieldName = pluginName + "!blank";
var positions = {
t: "top",
m: "middle",
b: "bottom",
l: "left",
c: "center",
r: "right"
};
var hAligns = ["l", "c", "r"];
var vAligns = ["t", "m", "b"];
var mainPositions = ["t", "b", "l", "r"];
var opposites = {
t: "b",
m: null,
b: "t",
l: "r",
c: null,
r: "l"
};
var parsePosition = function(str) {
var pos;
pos = [];
$.each(str.split(/\W+/), function(i, word) {
var w;
w = word.toLowerCase().charAt(0);
if (positions[w]) {
return pos.push(w);
}
});
return pos;
};
var styles = {};
var coreStyle = {
name: "core",
html: "<div class=\"" + pluginClassName + "-wrapper\">\n <div class=\"" + pluginClassName + "-arrow\"></div>\n <div class=\"" + pluginClassName + "-container\"></div>\n</div>",
css: "." + pluginClassName + "-corner {\n position: fixed;\n margin: 5px;\n z-index: 1000000;\n}\n\n." + pluginClassName + "-corner ." + pluginClassName + "-wrapper,\n." + pluginClassName + "-corner ." + pluginClassName + "-container {\n position: relative;\n display: block;\n height: inherit;\n width: inherit;\n margin: 3px;\n}\n\n." + pluginClassName + "-wrapper {\n z-index: 1;\n position: absolute;\n display: inline-block;\n height: 0;\n width: 0;\n}\n\n." + pluginClassName + "-container {\n display: none;\n z-index: 1;\n position: absolute;\n}\n\n." + pluginClassName + "-hidable {\n cursor: pointer;\n}\n\n[data-notify-text],[data-notify-html] {\n position: relative;\n}\n\n." + pluginClassName + "-arrow {\n position: absolute;\n z-index: 2;\n width: 0;\n height: 0;\n}"
};
var stylePrefixes = {
"border-radius": ["-webkit-", "-moz-"]
};
var getStyle = function(name) {
return styles[name];
};
var removeStyle = function(name) {
if (!name) {
throw "Missing Style name";
}
if (styles[name]) {
delete styles[name];
}
};
var addStyle = function(name, def) {
if (!name) {
throw "Missing Style name";
}
if (!def) {
throw "Missing Style definition";
}
if (!def.html) {
throw "Missing Style HTML";
}
//remove existing style
var existing = styles[name];
if (existing && existing.cssElem) {
if (window.console) {
console.warn(pluginName + ": overwriting style '" + name + "'");
}
styles[name].cssElem.remove();
}
def.name = name;
styles[name] = def;
var cssText = "";
if (def.classes) {
$.each(def.classes, function(className, props) {
cssText += "." + pluginClassName + "-" + def.name + "-" + className + " {\n";
$.each(props, function(name, val) {
if (stylePrefixes[name]) {
$.each(stylePrefixes[name], function(i, prefix) {
return cssText += " " + prefix + name + ": " + val + ";\n";
});
}
return cssText += " " + name + ": " + val + ";\n";
});
return cssText += "}\n";
});
}
if (def.css) {
cssText += "/* styles for " + def.name + " */\n" + def.css;
}
if (cssText) {
def.cssElem = insertCSS(cssText);
def.cssElem.attr("id", "notify-" + def.name);
}
var fields = {};
var elem = $(def.html);
findFields("html", elem, fields);
findFields("text", elem, fields);
def.fields = fields;
};
var insertCSS = function(cssText) {
var e, elem, error;
elem = createElem("style");
elem.attr("type", 'text/css');
$("head").append(elem);
try {
elem.html(cssText);
} catch (_) {
elem[0].styleSheet.cssText = cssText;
}
return elem;
};
var findFields = function(type, elem, fields) {
var attr;
if (type !== "html") {
type = "text";
}
attr = "data-notify-" + type;
return find(elem, "[" + attr + "]").each(function() {
var name;
name = $(this).attr(attr);
if (!name) {
name = blankFieldName;
}
fields[name] = type;
});
};
var find = function(elem, selector) {
if (elem.is(selector)) {
return elem;
} else {
return elem.find(selector);
}
};
var pluginOptions = {
clickToHide: true,
autoHide: true,
autoHideDelay: 5000,
arrowShow: true,
arrowSize: 5,
breakNewLines: true,
elementPosition: "bottom",
globalPosition: "top right",
style: "bootstrap",
className: "error",
showAnimation: "slideDown",
showDuration: 400,
hideAnimation: "slideUp",
hideDuration: 200,
gap: 5
};
var inherit = function(a, b) {
var F;
F = function() {};
F.prototype = a;
return $.extend(true, new F(), b);
};
var defaults = function(opts) {
return $.extend(pluginOptions, opts);
};
var createElem = function(tag) {
return $("<" + tag + "></" + tag + ">");
};
var globalAnchors = {};
var getAnchorElement = function(element) {
var radios;
if (element.is('[type=radio]')) {
radios = element.parents('form:first').find('[type=radio]').filter(function(i, e) {
return $(e).attr("name") === element.attr("name");
});
element = radios.first();
}
return element;
};
var incr = function(obj, pos, val) {
var opp, temp;
if (typeof val === "string") {
val = parseInt(val, 10);
} else if (typeof val !== "number") {
return;
}
if (isNaN(val)) {
return;
}
opp = positions[opposites[pos.charAt(0)]];
temp = pos;
if (obj[opp] !== undefined) {
pos = positions[opp.charAt(0)];
val = -val;
}
if (obj[pos] === undefined) {
obj[pos] = val;
} else {
obj[pos] += val;
}
return null;
};
var realign = function(alignment, inner, outer) {
if (alignment === "l" || alignment === "t") {
return 0;
} else if (alignment === "c" || alignment === "m") {
return outer / 2 - inner / 2;
} else if (alignment === "r" || alignment === "b") {
return outer - inner;
}
throw "Invalid alignment";
};
var encode = function(text) {
encode.e = encode.e || createElem("div");
return encode.e.text(text).html();
};
function Notification(elem, data, options) {
if (typeof options === "string") {
options = {
className: options
};
}
this.options = inherit(pluginOptions, $.isPlainObject(options) ? options : {});
this.loadHTML();
this.wrapper = $(coreStyle.html);
if (this.options.clickToHide) {
this.wrapper.addClass(pluginClassName + "-hidable");
}
this.wrapper.data(pluginClassName, this);
this.arrow = this.wrapper.find("." + pluginClassName + "-arrow");
this.container = this.wrapper.find("." + pluginClassName + "-container");
this.container.append(this.userContainer);
if (elem && elem.length) {
this.elementType = elem.attr("type");
this.originalElement = elem;
this.elem = getAnchorElement(elem);
this.elem.data(pluginClassName, this);
this.elem.before(this.wrapper);
}
this.container.hide();
this.run(data);
}
Notification.prototype.loadHTML = function() {
var style;
style = this.getStyle();
this.userContainer = $(style.html);
this.userFields = style.fields;
};
Notification.prototype.show = function(show, userCallback) {
var args, callback, elems, fn, hidden;
callback = (function(_this) {
return function() {
if (!show && !_this.elem) {
_this.destroy();
}
if (userCallback) {
return userCallback();
}
};
})(this);
hidden = this.container.parent().parents(':hidden').length > 0;
elems = this.container.add(this.arrow);
args = [];
if (hidden && show) {
fn = "show";
} else if (hidden && !show) {
fn = "hide";
} else if (!hidden && show) {
fn = this.options.showAnimation;
args.push(this.options.showDuration);
} else if (!hidden && !show) {
fn = this.options.hideAnimation;
args.push(this.options.hideDuration);
} else {
return callback();
}
args.push(callback);
return elems[fn].apply(elems, args);
};
Notification.prototype.setGlobalPosition = function() {
var p = this.getPosition();
var pMain = p[0];
var pAlign = p[1];
var main = positions[pMain];
var align = positions[pAlign];
var key = pMain + "|" + pAlign;
var anchor = globalAnchors[key];
if (!anchor || !document.body.contains(anchor[0])) {
anchor = globalAnchors[key] = createElem("div");
var css = {};
css[main] = 0;
if (align === "middle") {
css.top = '45%';
} else if (align === "center") {
css.left = '45%';
} else {
css[align] = 0;
}
anchor.css(css).addClass(pluginClassName + "-corner");
$("body").append(anchor);
}
return anchor.prepend(this.wrapper);
};
Notification.prototype.setElementPosition = function() {
var arrowColor, arrowCss, arrowSize, color, contH, contW, css, elemH, elemIH, elemIW, elemPos, elemW, gap, j, k, len, len1, mainFull, margin, opp, oppFull, pAlign, pArrow, pMain, pos, posFull, position, ref, wrapPos;
position = this.getPosition();
pMain = position[0];
pAlign = position[1];
pArrow = position[2];
elemPos = this.elem.position();
elemH = this.elem.outerHeight();
elemW = this.elem.outerWidth();
elemIH = this.elem.innerHeight();
elemIW = this.elem.innerWidth();
wrapPos = this.wrapper.position();
contH = this.container.height();
contW = this.container.width();
mainFull = positions[pMain];
opp = opposites[pMain];
oppFull = positions[opp];
css = {};
css[oppFull] = pMain === "b" ? elemH : pMain === "r" ? elemW : 0;
incr(css, "top", elemPos.top - wrapPos.top);
incr(css, "left", elemPos.left - wrapPos.left);
ref = ["top", "left"];
for (j = 0, len = ref.length; j < len; j++) {
pos = ref[j];
margin = parseInt(this.elem.css("margin-" + pos), 10);
if (margin) {
incr(css, pos, margin);
}
}
gap = Math.max(0, this.options.gap - (this.options.arrowShow ? arrowSize : 0));
incr(css, oppFull, gap);
if (!this.options.arrowShow) {
this.arrow.hide();
} else {
arrowSize = this.options.arrowSize;
arrowCss = $.extend({}, css);
arrowColor = this.userContainer.css("border-color") || this.userContainer.css("border-top-color") || this.userContainer.css("background-color") || "white";
for (k = 0, len1 = mainPositions.length; k < len1; k++) {
pos = mainPositions[k];
posFull = positions[pos];
if (pos === opp) {
continue;
}
color = posFull === mainFull ? arrowColor : "transparent";
arrowCss["border-" + posFull] = arrowSize + "px solid " + color;
}
incr(css, positions[opp], arrowSize);
if (indexOf.call(mainPositions, pAlign) >= 0) {
incr(arrowCss, positions[pAlign], arrowSize * 2);
}
}
if (indexOf.call(vAligns, pMain) >= 0) {
incr(css, "left", realign(pAlign, contW, elemW));
if (arrowCss) {
incr(arrowCss, "left", realign(pAlign, arrowSize, elemIW));
}
} else if (indexOf.call(hAligns, pMain) >= 0) {
incr(css, "top", realign(pAlign, contH, elemH));
if (arrowCss) {
incr(arrowCss, "top", realign(pAlign, arrowSize, elemIH));
}
}
if (this.container.is(":visible")) {
css.display = "block";
}
this.container.removeAttr("style").css(css);
if (arrowCss) {
return this.arrow.removeAttr("style").css(arrowCss);
}
};
Notification.prototype.getPosition = function() {
var pos, ref, ref1, ref2, ref3, ref4, ref5, text;
text = this.options.position || (this.elem ? this.options.elementPosition : this.options.globalPosition);
pos = parsePosition(text);
if (pos.length === 0) {
pos[0] = "b";
}
if (ref = pos[0], indexOf.call(mainPositions, ref) < 0) {
throw "Must be one of [" + mainPositions + "]";
}
if (pos.length === 1 || ((ref1 = pos[0], indexOf.call(vAligns, ref1) >= 0) && (ref2 = pos[1], indexOf.call(hAligns, ref2) < 0)) || ((ref3 = pos[0], indexOf.call(hAligns, ref3) >= 0) && (ref4 = pos[1], indexOf.call(vAligns, ref4) < 0))) {
pos[1] = (ref5 = pos[0], indexOf.call(hAligns, ref5) >= 0) ? "m" : "l";
}
if (pos.length === 2) {
pos[2] = pos[1];
}
return pos;
};
Notification.prototype.getStyle = function(name) {
var style;
if (!name) {
name = this.options.style;
}
if (!name) {
name = "default";
}
style = styles[name];
if (!style) {
throw "Missing style: " + name;
}
return style;
};
Notification.prototype.updateClasses = function() {
var classes, style;
classes = ["base"];
if ($.isArray(this.options.className)) {
classes = classes.concat(this.options.className);
} else if (this.options.className) {
classes.push(this.options.className);
}
style = this.getStyle();
classes = $.map(classes, function(n) {
return pluginClassName + "-" + style.name + "-" + n;
}).join(" ");
return this.userContainer.attr("class", classes);
};
Notification.prototype.run = function(data, options) {
var d, datas, name, type, value;
if ($.isPlainObject(options)) {
$.extend(this.options, options);
} else if ($.type(options) === "string") {
this.options.className = options;
}
if (this.container && !data) {
this.show(false);
return;
} else if (!this.container && !data) {
return;
}
datas = {};
if ($.isPlainObject(data)) {
datas = data;
} else {
datas[blankFieldName] = data;
}
for (name in datas) {
d = datas[name];
type = this.userFields[name];
if (!type) {
continue;
}
if (type === "text") {
d = encode(d);
if (this.options.breakNewLines) {
d = d.replace(/\n/g, '<br/>');
}
}
value = name === blankFieldName ? '' : '=' + name;
find(this.userContainer, "[data-notify-" + type + value + "]").html(d);
}
this.updateClasses();
if (this.elem) {
this.setElementPosition();
} else {
this.setGlobalPosition();
}
this.show(true);
if (this.options.autoHide) {
clearTimeout(this.autohideTimer);
this.autohideTimer = setTimeout(this.show.bind(this, false), this.options.autoHideDelay);
}
};
Notification.prototype.destroy = function() {
this.wrapper.data(pluginClassName, null);
this.wrapper.remove();
};
$[pluginName] = function(elem, data, options) {
if ((elem && elem.nodeName) || elem.jquery) {
$(elem)[pluginName](data, options);
} else {
options = data;
data = elem;
new Notification(null, data, options);
}
return elem;
};
$.fn[pluginName] = function(data, options) {
$(this).each(function() {
var prev = getAnchorElement($(this)).data(pluginClassName);
if (prev) {
prev.destroy();
}
var curr = new Notification($(this), data, options);
});
return this;
};
$.extend($[pluginName], {
defaults: defaults,
addStyle: addStyle,
removeStyle: removeStyle,
pluginOptions: pluginOptions,
getStyle: getStyle,
insertCSS: insertCSS
});
//always include the default bootstrap style
addStyle("bootstrap", {
html: "<div>\n<span data-notify-text></span>\n</div>",
classes: {
base: {
"font-weight": "bold",
"padding": "8px 15px 8px 14px",
"text-shadow": "0 1px 0 rgba(255, 255, 255, 0.5)",
"background-color": "#fcf8e3",
"border": "1px solid #fbeed5",
"border-radius": "4px",
"white-space": "nowrap",
"padding-left": "25px",
"background-repeat": "no-repeat",
"background-position": "3px 7px"
},
error: {
"color": "#B94A48",
"background-color": "#F2DEDE",
"border-color": "#EED3D7",
"background-image": "url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAUCAYAAACNiR0NAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAtRJREFUeNqkVc1u00AQHq+dOD+0poIQfkIjalW0SEGqRMuRnHos3DjwAH0ArlyQeANOOSMeAA5VjyBxKBQhgSpVUKKQNGloFdw4cWw2jtfMOna6JOUArDTazXi/b3dm55socPqQhFka++aHBsI8GsopRJERNFlY88FCEk9Yiwf8RhgRyaHFQpPHCDmZG5oX2ui2yilkcTT1AcDsbYC1NMAyOi7zTX2Agx7A9luAl88BauiiQ/cJaZQfIpAlngDcvZZMrl8vFPK5+XktrWlx3/ehZ5r9+t6e+WVnp1pxnNIjgBe4/6dAysQc8dsmHwPcW9C0h3fW1hans1ltwJhy0GxK7XZbUlMp5Ww2eyan6+ft/f2FAqXGK4CvQk5HueFz7D6GOZtIrK+srupdx1GRBBqNBtzc2AiMr7nPplRdKhb1q6q6zjFhrklEFOUutoQ50xcX86ZlqaZpQrfbBdu2R6/G19zX6XSgh6RX5ubyHCM8nqSID6ICrGiZjGYYxojEsiw4PDwMSL5VKsC8Yf4VRYFzMzMaxwjlJSlCyAQ9l0CW44PBADzXhe7xMdi9HtTrdYjFYkDQL0cn4Xdq2/EAE+InCnvADTf2eah4Sx9vExQjkqXT6aAERICMewd/UAp/IeYANM2joxt+q5VI+ieq2i0Wg3l6DNzHwTERPgo1ko7XBXj3vdlsT2F+UuhIhYkp7u7CarkcrFOCtR3H5JiwbAIeImjT/YQKKBtGjRFCU5IUgFRe7fF4cCNVIPMYo3VKqxwjyNAXNepuopyqnld602qVsfRpEkkz+GFL1wPj6ySXBpJtWVa5xlhpcyhBNwpZHmtX8AGgfIExo0ZpzkWVTBGiXCSEaHh62/PoR0p/vHaczxXGnj4bSo+G78lELU80h1uogBwWLf5YlsPmgDEd4M236xjm+8nm4IuE/9u+/PH2JXZfbwz4zw1WbO+SQPpXfwG/BBgAhCNZiSb/pOQAAAAASUVORK5CYII=)"
},
success: {
"color": "#468847",
"background-color": "#DFF0D8",
"border-color": "#D6E9C6",
"background-image": "url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAUCAYAAACNiR0NAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAutJREFUeNq0lctPE0Ecx38zu/RFS1EryqtgJFA08YCiMZIAQQ4eRG8eDGdPJiYeTIwHTfwPiAcvXIwXLwoXPaDxkWgQ6islKlJLSQWLUraPLTv7Gme32zoF9KSTfLO7v53vZ3d/M7/fIth+IO6INt2jjoA7bjHCJoAlzCRw59YwHYjBnfMPqAKWQYKjGkfCJqAF0xwZjipQtA3MxeSG87VhOOYegVrUCy7UZM9S6TLIdAamySTclZdYhFhRHloGYg7mgZv1Zzztvgud7V1tbQ2twYA34LJmF4p5dXF1KTufnE+SxeJtuCZNsLDCQU0+RyKTF27Unw101l8e6hns3u0PBalORVVVkcaEKBJDgV3+cGM4tKKmI+ohlIGnygKX00rSBfszz/n2uXv81wd6+rt1orsZCHRdr1Imk2F2Kob3hutSxW8thsd8AXNaln9D7CTfA6O+0UgkMuwVvEFFUbbAcrkcTA8+AtOk8E6KiQiDmMFSDqZItAzEVQviRkdDdaFgPp8HSZKAEAL5Qh7Sq2lIJBJwv2scUqkUnKoZgNhcDKhKg5aH+1IkcouCAdFGAQsuWZYhOjwFHQ96oagWgRoUov1T9kRBEODAwxM2QtEUl+Wp+Ln9VRo6BcMw4ErHRYjH4/B26AlQoQQTRdHWwcd9AH57+UAXddvDD37DmrBBV34WfqiXPl61g+vr6xA9zsGeM9gOdsNXkgpEtTwVvwOklXLKm6+/p5ezwk4B+j6droBs2CsGa/gNs6RIxazl4Tc25mpTgw/apPR1LYlNRFAzgsOxkyXYLIM1V8NMwyAkJSctD1eGVKiq5wWjSPdjmeTkiKvVW4f2YPHWl3GAVq6ymcyCTgovM3FzyRiDe2TaKcEKsLpJvNHjZgPNqEtyi6mZIm4SRFyLMUsONSSdkPeFtY1n0mczoY3BHTLhwPRy9/lzcziCw9ACI+yql0VLzcGAZbYSM5CCSZg1/9oc/nn7+i8N9p/8An4JMADxhH+xHfuiKwAAAABJRU5ErkJggg==)"
},
info: {
"color": "#3A87AD",
"background-color": "#D9EDF7",
"border-color": "#BCE8F1",
"background-image": "url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAUCAYAAACNiR0NAAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH3QYFAhkSsdes/QAAA8dJREFUOMvVlGtMW2UYx//POaWHXg6lLaW0ypAtw1UCgbniNOLcVOLmAjHZolOYlxmTGXVZdAnRfXQm+7SoU4mXaOaiZsEpC9FkiQs6Z6bdCnNYruM6KNBw6YWewzl9z+sHImEWv+vz7XmT95f/+3/+7wP814v+efDOV3/SoX3lHAA+6ODeUFfMfjOWMADgdk+eEKz0pF7aQdMAcOKLLjrcVMVX3xdWN29/GhYP7SvnP0cWfS8caSkfHZsPE9Fgnt02JNutQ0QYHB2dDz9/pKX8QjjuO9xUxd/66HdxTeCHZ3rojQObGQBcuNjfplkD3b19Y/6MrimSaKgSMmpGU5WevmE/swa6Oy73tQHA0Rdr2Mmv/6A1n9w9suQ7097Z9lM4FlTgTDrzZTu4StXVfpiI48rVcUDM5cmEksrFnHxfpTtU/3BFQzCQF/2bYVoNbH7zmItbSoMj40JSzmMyX5qDvriA7QdrIIpA+3cdsMpu0nXI8cV0MtKXCPZev+gCEM1S2NHPvWfP/hL+7FSr3+0p5RBEyhEN5JCKYr8XnASMT0xBNyzQGQeI8fjsGD39RMPk7se2bd5ZtTyoFYXftF6y37gx7NeUtJJOTFlAHDZLDuILU3j3+H5oOrD3yWbIztugaAzgnBKJuBLpGfQrS8wO4FZgV+c1IxaLgWVU0tMLEETCos4xMzEIv9cJXQcyagIwigDGwJgOAtHAwAhisQUjy0ORGERiELgG4iakkzo4MYAxcM5hAMi1WWG1yYCJIcMUaBkVRLdGeSU2995TLWzcUAzONJ7J6FBVBYIggMzmFbvdBV44Corg8vjhzC+EJEl8U1kJtgYrhCzgc/vvTwXKSib1paRFVRVORDAJAsw5FuTaJEhWM2SHB3mOAlhkNxwuLzeJsGwqWzf5TFNdKgtY5qHp6ZFf67Y/sAVadCaVY5YACDDb3Oi4NIjLnWMw2QthCBIsVhsUTU9tvXsjeq9+X1d75/KEs4LNOfcdf/+HthMnvwxOD0wmHaXr7ZItn2wuH2SnBzbZAbPJwpPx+VQuzcm7dgRCB57a1uBzUDRL4bfnI0RE0eaXd9W89mpjqHZnUI5Hh2l2dkZZUhOqpi2qSmpOmZ64Tuu9qlz/SEXo6MEHa3wOip46F1n7633eekV8ds8Wxjn37Wl63VVa+ej5oeEZ/82ZBETJjpJ1Rbij2D3Z/1trXUvLsblCK0XfOx0SX2kMsn9dX+d+7Kf6h8o4AIykuffjT8L20LU+w4AZd5VvEPY+XpWqLV327HR7DzXuDnD8r+ovkBehJ8i+y8YAAAAASUVORK5CYII=)"
},
warn: {
"color": "#C09853",
"background-color": "#FCF8E3",
"border-color": "#FBEED5",
"background-image": "url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAUCAMAAAC6V+0/AAABJlBMVEXr6eb/2oD/wi7/xjr/0mP/ykf/tQD/vBj/3o7/uQ//vyL/twebhgD/4pzX1K3z8e349vK6tHCilCWbiQymn0jGworr6dXQza3HxcKkn1vWvV/5uRfk4dXZ1bD18+/52YebiAmyr5S9mhCzrWq5t6ufjRH54aLs0oS+qD751XqPhAybhwXsujG3sm+Zk0PTwG6Shg+PhhObhwOPgQL4zV2nlyrf27uLfgCPhRHu7OmLgAafkyiWkD3l49ibiAfTs0C+lgCniwD4sgDJxqOilzDWowWFfAH08uebig6qpFHBvH/aw26FfQTQzsvy8OyEfz20r3jAvaKbhgG9q0nc2LbZxXanoUu/u5WSggCtp1anpJKdmFz/zlX/1nGJiYmuq5Dx7+sAAADoPUZSAAAAAXRSTlMAQObYZgAAAAFiS0dEAIgFHUgAAAAJcEhZcwAACxMAAAsTAQCanBgAAAAHdElNRQfdBgUBGhh4aah5AAAAlklEQVQY02NgoBIIE8EUcwn1FkIXM1Tj5dDUQhPU502Mi7XXQxGz5uVIjGOJUUUW81HnYEyMi2HVcUOICQZzMMYmxrEyMylJwgUt5BljWRLjmJm4pI1hYp5SQLGYxDgmLnZOVxuooClIDKgXKMbN5ggV1ACLJcaBxNgcoiGCBiZwdWxOETBDrTyEFey0jYJ4eHjMGWgEAIpRFRCUt08qAAAAAElFTkSuQmCC)"
}
}
});
$(function() {
insertCSS(coreStyle.css).attr("id", "core-notify");
$(document).on("click", "." + pluginClassName + "-hidable", function(e) {
$(this).trigger("notify-hide");
});
$(document).on("notify-hide", "." + pluginClassName + "-wrapper", function(e) {
var elem = $(this).data(pluginClassName);
if(elem) {
elem.show(false);
}
});
});
}));

1
wp/wp-content/plugins/user-role-editor/js/notify.min.js vendored Normal file
View File

File diff suppressed because one or more lines are too long

65
wp/wp-content/plugins/user-role-editor/js/settings.js Normal file
View File

@@ -0,0 +1,65 @@
/*
* User Role Editor WordPress plugin JavaScript for Settings page
*/
function ure_ui_button_text(caption) {
var wrapper = '<span class="ui-button-text">' + caption + '</span>';
return wrapper;
}
function ure_roles_reset_form_submit() {
jQuery('#ure_reset_roles_form').submit();
}
jQuery(function() {
jQuery('#ure_reset_roles_button').button({
label: ure_data.reset
}).click(function (event) {
event.preventDefault();
ure_confirm(ure_data.reset_warning, ure_roles_reset_form_submit);
});
function ure_confirm(message, routine) {
jQuery('#ure_confirmation_dialog').dialog({
dialogClass: 'wp-dialog',
modal: true,
autoOpen: true,
closeOnEscape: true,
width: 600,
height: 280,
resizable: false,
title: ure_data.confirm_title,
'buttons': {
'No': function () {
jQuery(this).dialog('close');
return false;
},
'Yes': function () {
jQuery(this).dialog('close');
routine();
return true;
}
}
});
jQuery('#ure_cd_html').html(message);
jQuery('.ui-dialog-buttonpane button:contains("No")').attr('id', 'dialog-no-button');
jQuery('#dialog-no-button').html(ure_ui_button_text(ure_data.no_label));
jQuery('.ui-dialog-buttonpane button:contains("Yes")').attr('id', 'dialog-yes-button');
jQuery('#dialog-yes-button').html(ure_ui_button_text(ure_data.yes_label));
}
// end of ure_confirm()
jQuery('#ure_reset_roles_secure').on('input', function() {
if ( this.value===ure_data.reset_roles_secure_text ) {
jQuery('#ure_reset_roles_button').button('enable');
} else {
jQuery('#ure_reset_roles_button').button('disable');
}
});
});

1119
wp/wp-content/plugins/user-role-editor/js/ure.js Normal file
View File

File diff suppressed because it is too large Load Diff

61
wp/wp-content/plugins/user-role-editor/js/user-profile-other-roles.js Normal file
View File

@@ -0,0 +1,61 @@
/* User Role Editor - assign to the user other roles
* Author: Vladimir Garagulya
* email: support@role-editor.com
*/
jQuery(function() {
ure_init_controls('');
ure_init_controls('_2');
});
function ure_init_controls(context) {
if (jQuery('#ure_select_other_roles'+ context).length==0) {
return;
}
if (ure_data_user_profile_other_roles.select_primary_role!=1) {
jQuery('.user-role-wrap').hide();
}
jQuery('#ure_select_other_roles'+ context).multipleSelect({
filter: true,
multiple: true,
selectAll: false,
multipleWidth: 600,
maxHeight: 300,
placeholder: ure_data_user_profile_other_roles.select_roles,
onClick: function(view) {
ure_update_linked_controls_other_roles(context);
}
});
var other_roles = jQuery('#ure_other_roles'+ context).val();
var selected_roles = other_roles.split(',');
jQuery('#ure_select_other_roles'+ context).multipleSelect('setSelects', selected_roles);
}
function ure_update_linked_controls_other_roles(context) {
var data_value = jQuery('#ure_select_other_roles'+ context).multipleSelect('getSelects');
var to_save = '';
for (i=0; i<data_value.length; i++) {
if (to_save!=='') {
to_save = to_save + ', ';
}
to_save = to_save + data_value[i];
}
jQuery('#ure_other_roles'+ context).val(to_save);
var data_text = jQuery('#ure_select_other_roles'+ context).multipleSelect('getSelects', 'text');
var to_show = '';
for (i=0; i<data_text.length; i++) {
if (to_show!=='') {
to_show = to_show + ', ';
}
to_show = to_show + data_text[i];
}
jQuery('#ure_other_roles_list'+ context).html(to_show);
}

166
wp/wp-content/plugins/user-role-editor/js/users-grant-roles.js Normal file
View File

@@ -0,0 +1,166 @@
/*
* User Role Editor: support of 'Grant Roles' button for Users page (wp-admin/users.php)
*/
jQuery(function() {
jQuery('#ure_grant_roles').click(function() {
ure_prepare_grant_roles_dialog();
});
jQuery('#ure_grant_roles_2').click(function() {
ure_prepare_grant_roles_dialog();
});
if (ure_users_grant_roles_data.show_wp_change_role!=1) {
jQuery('#new_role').hide();
jQuery('#new_role2').hide();
jQuery('#changeit').hide();
jQuery('[id=changeit]:eq(1)').hide(); // for 2nd 'Change' button with the same ID.
}
});
function ure_get_selected_checkboxes(item_name) {
var items = jQuery('input[type="checkbox"][name="'+ item_name +'\\[\\]"]:checked').map(function() { return this.value; }).get();
return items;
}
function ure_show_grant_roles_dialog_pre_selected(response) {
jQuery('#ure_task_status').hide();
if (response!==null && response.result=='error') {
alert(response.message);
return;
}
if (response.primary_role!==null && response.primary_role.length>0 && jQuery('#primary_role').length>0) {
jQuery('#primary_role').val(response.primary_role);
}
if (response.other_roles!==null && response.other_roles.length>0) {
for(i=0;i<response.other_roles.length;i++) {
jQuery('#wp_role_'+ response.other_roles[i]).prop('checked', true);
}
}
ure_show_grant_roles_dialog();
}
function ure_get_selected_user_roles(users) {
jQuery('#ure_task_status').show();
var user_id = users.shift();
var data = {
'action': 'ure_ajax',
'sub_action':'get_user_roles',
'user_id': user_id,
'wp_nonce': ure_users_grant_roles_data.wp_nonce};
jQuery.post(ajaxurl, data, ure_show_grant_roles_dialog_pre_selected, 'json');
}
function ure_unselect_roles() {
jQuery('#primary_role').val([]);
// uncheck all checked checkboxes if there are any
jQuery('input[type="checkbox"][name="ure_roles\\[\\]"]:checked').map(function() {
this.checked = false;
});
}
function ure_prepare_grant_roles_dialog() {
var users = ure_get_selected_checkboxes('users');
if (users.length==0) {
alert(ure_users_grant_roles_data.select_users_first);
return;
}
if (users.length==1) {
ure_get_selected_user_roles(users);
} else {
ure_unselect_roles();
ure_show_grant_roles_dialog();
}
}
function ure_show_grant_roles_dialog() {
jQuery('#ure_grant_roles_dialog').dialog({
dialogClass: 'wp-dialog',
modal: true,
autoOpen: true,
closeOnEscape: true,
width: 600,
height: 400,
resizable: false,
title: ure_users_grant_roles_data.dialog_title,
'buttons': {
'OK': function () {
ure_grant_roles();
jQuery(this).dialog('close');
return true;
},
Cancel: function () {
jQuery(this).dialog('close');
return false;
}
}
});
}
function ure_grant_roles() {
var primary_role = jQuery('#primary_role').val();
var other_roles = ure_get_selected_checkboxes('ure_roles');
jQuery('#ure_task_status').show();
var users = ure_get_selected_checkboxes('users');
var data = {
'action': 'ure_ajax',
'sub_action':'grant_roles',
'users': users,
'primary_role': primary_role,
'other_roles': other_roles,
'wp_nonce': ure_users_grant_roles_data.wp_nonce};
jQuery.post(ajaxurl, data, ure_page_reload, 'json');
return true;
}
function ure_set_url_arg(arg_name, arg_value) {
var url = window.location.href;
var hash = location.hash;
url = url.replace(hash, '');
if (url.indexOf(arg_name + "=")>=0) {
var prefix = url.substring(0, url.indexOf(arg_name));
var suffix = url.substring(url.indexOf(arg_name));
suffix = suffix.substring(suffix.indexOf("=") + 1);
suffix = (suffix.indexOf("&") >= 0) ? suffix.substring(suffix.indexOf("&")) : "";
url = prefix + arg_name + "=" + arg_value + suffix;
} else {
if (url.indexOf("?") < 0) {
url += "?" + arg_name + "=" + arg_value;
} else {
url += "&" + arg_name + "=" + arg_value;
}
}
url = url + hash;
return url;
}
function ure_page_reload(response) {
if (response!==null && response.result=='error') {
jQuery('#ure_task_status').hide();
alert(response.message);
return;
}
var url = ure_set_url_arg('update', 'promote');
document.location = url;
}

104
wp/wp-content/plugins/user-role-editor/js/users.js Normal file
View File

@@ -0,0 +1,104 @@
/* User Role Editor: support of 'Without Roles' button for users.php */
jQuery(function() {
jQuery('#move_from_no_role_content').append(ure_users_data.to +' <select id="ure_new_role" name="ure_new_role"></select>');
var ure_new_role = jQuery('#ure_new_role');
var options = jQuery("#new_role > option").clone();
jQuery('#ure_new_role').empty().append(options);
if (jQuery('#ure_new_role option[value="no_rights"]').length === 0) {
jQuery('#ure_new_role').append('<option value="no_rights">' + ure_users_data.no_rights_caption + '</option>');
}
// Exclude change role to
jQuery('#ure_new_role option[value=""]').remove();
var new_role = jQuery('#new_role').find(":selected").val();
if (new_role.length > 0) {
ure_new_role.val(new_role);
}
ure_new_role.trigger('updated');
});
function ure_move_users_from_no_role_dialog() {
jQuery('#move_from_no_role_dialog').dialog({
dialogClass: 'wp-dialog',
modal: true,
autoOpen: true,
closeOnEscape: true,
width: 400,
height: 200,
resizable: false,
title: ure_users_data.move_from_no_role_title,
'buttons': {
'OK': function () {
ure_move_users_from_no_role();
jQuery(this).dialog('close');
},
Cancel: function () {
jQuery(this).dialog('close');
return false;
}
}
});
}
function ure_move_users_from_no_role() {
var new_role = jQuery('#ure_new_role').find(":selected").val();
if (new_role.length==0) {
alert(ure_users_data.provide_new_role_caption);
return;
}
jQuery.ajax({
url: ajaxurl,
type: 'POST',
dataType: 'html',
data: {
action: 'ure_ajax',
sub_action: 'get_users_without_role',
wp_nonce: ure_users_data.wp_nonce,
new_role: new_role
},
success: function(response) {
var data = jQuery.parseJSON(response);
if (typeof data.result !== 'undefined') {
if (data.result === 'success') {
ure_post_move_users_command(data);
} else if (data.result==='error' || data.result==='failure') {
alert(data.message);
} else {
alert('Wrong response: ' + response)
}
} else {
alert('Wrong response: ' + response)
}
},
error: function(XMLHttpRequest, textStatus, exception) {
alert("Ajax failure\n" + XMLHttpRequest.statusText);
},
async: true
});
}
function ure_post_move_users_command(data) {
var options = jQuery("#ure_new_role > option").clone();
jQuery('#new_role').empty().append(options);
jQuery("#new_role").val(data.new_role);
var el = jQuery('.bulkactions').append();
for(var i=0; i<data.users.length; i++) {
if (jQuery('#user_'+ data.users[i]).length>0) {
jQuery('#user_'+ data.users[i]).prop('checked', true);
} else {
var html = '<input type="checkbox" name="users[]" id="user_'+ data.users[i] +'" value="'+ data.users[i] +'" checked="checked" style="display: none;">';
el.append(html);
}
}
// submit form
jQuery('#changeit').click();
}

2
wp/wp-content/plugins/user-role-editor/lang/index.php Normal file
View File

@@ -0,0 +1,2 @@
<?php
// Silence is golden.

1117
wp/wp-content/plugins/user-role-editor/lang/user-role-editor.pot Normal file
View File

File diff suppressed because it is too large Load Diff

375
wp/wp-content/plugins/user-role-editor/license.txt Normal file
View File

@@ -0,0 +1,375 @@
User Role Editor WordPress plugin
Copyright 2009-2020 by Vladimir Garagulia - support@role-editor.com
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
This program is based on the work covered by the following copyright and
permission notices:
WordPress - Web publishing software
Copyright 2003-2020 by the contributors
WordPress is released under the GPL
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.
WRITTEN OFFER
The source code for any program binaries or compressed scripts that are
included with WordPress can be freely obtained at the following URL:
http://wordpress.org/download/source/

121
wp/wp-content/plugins/user-role-editor/readme.txt Normal file
View File

@@ -0,0 +1,121 @@
=== User Role Editor ===
Contributors: shinephp
Tags: user, role, editor, security, access
Requires at least: 4.4
Tested up to: 6.4.3
Stable tag: 4.64.2
Requires PHP: 7.3
License: GPLv2 or later
License URI: http://www.gnu.org/licenses/gpl-2.0.html
User Role Editor WordPress plugin makes user roles and capabilities changing easy. Edit/add/delete WordPress user roles and capabilities.
== Description ==
User Role Editor WordPress plugin allows you to change user roles and capabilities easy.
Just turn on check boxes of capabilities you wish to add to the selected role and click "Update" button to save your changes. That's done.
Add new roles and customize its capabilities according to your needs, from scratch of as a copy of other existing role.
Unnecessary self-made role can be deleted if there are no users whom such role is assigned.
Role assigned every new created user by default may be changed too.
Capabilities could be assigned on per user basis. Multiple roles could be assigned to user simultaneously.
You can add new capabilities and remove unnecessary capabilities which could be left from uninstalled plugins.
Multi-site support is provided.
Try it out on your free TasteWP [test site](https://demo.tastewp.com/user-role-editor).
To read more about 'User Role Editor' visit [this page](http://www.shinephp.com/user-role-editor-wordpress-plugin/) at [shinephp.com](http://shinephp.com)
Do you need more functionality with quality support in a real time? Do you wish to remove advertisements from User Role Editor pages?
[Buy Pro version](https://www.role-editor.com).
[User Role Editor Pro](https://www.role-editor.com) includes extra modules:
<ul>
<li>Block selected admin menu items for role.</li>
<li>Hide selected front-end menu items for no logged-in visitors, logged-in users, roles.</li>
<li>Block selected widgets under "Appearance" menu for role.</li>
<li>Show widgets at front-end for selected roles.</li>
<li>Block selected meta boxes (dashboard, posts, pages, custom post types) for role.</li>
<li>"Export/Import" module. You can export user role to the local file and import it to any WordPress site or other sites of the multi-site WordPress network.</li>
<li>Roles and Users permissions management via Network Admin for multisite configuration. One click Synchronization to the whole network.</li>
<li>"Other roles access" module allows to define which other roles user with current role may see at WordPress: dropdown menus, e.g assign role to user editing user profile, etc.</li>
<li>Manage user access to editing posts/pages/custom post type using posts/pages, authors, taxonomies ID list.</li>
<li>Per plugin users access management for plugins activate/deactivate operations.</li>
<li>Per form users access management for Gravity Forms plugin.</li>
<li>Shortcode to show enclosed content to the users with selected roles only.</li>
<li>Posts and pages view restrictions for selected roles.</li>
<li>Admin back-end pages permissions viewer</li>
</ul>
Pro version is advertisement free. Premium support is included.
== Installation ==
Installation procedure:
1. Deactivate plugin if you have the previous version installed.
2. Extract "user-role-editor.zip" archive content to the "/wp-content/plugins/user-role-editor" directory.
3. Activate "User Role Editor" plugin via 'Plugins' menu in WordPress admin menu.
4. Go to the "Users"-"User Role Editor" menu item and change your WordPress standard roles capabilities according to your needs.
== Frequently Asked Questions ==
- Does it work with WordPress in multi-site environment?
Yes, it works with WordPress multi-site. By default plugin works for every blog from your multi-site network as for locally installed blog.
To update selected role globally for the Network you should turn on the "Apply to All Sites" checkbox. You should have superadmin privileges to use User Role Editor under WordPress multi-site.
Pro version allows to manage roles of the whole network from the Netwok Admin.
To read full FAQ section visit [this page](http://www.shinephp.com/user-role-editor-wordpress-plugin/#faq) at [shinephp.com](shinephp.com).
== Screenshots ==
1. screenshot-1.png User Role Editor main form
2. screenshot-2.png Add/Remove roles or capabilities
3. screenshot-3.png User Capabilities link
4. screenshot-4.png User Capabilities Editor
5. screenshot-5.png Bulk change role for users without roles
6. screenshot-6.png Assign multiple roles to the selected users
To read more about 'User Role Editor' visit [this page](http://www.shinephp.com/user-role-editor-wordpress-plugin/) at [shinephp.com](shinephp.com).
= Translations =
If you wish to check available translations or help with plugin translation to your language visit this link
https://translate.wordpress.org/projects/wp-plugins/user-role-editor/
== Changelog =
= [4.64.2] 19.02.2024 =
* Update: Marked as compatible with WordPress 6.4.3
* Update: URE_Advertisement: rand() is replaced with wp_rand().
* Update: URE_Ajax_Proccessor: json_encode() is replaced with wp_json_encode().
* Update: User_Role_Editor::load_translation(): load_plugin_textdomain() is called with the 2nd parameter value false, instead of deprecated ''.
* Update: URE_Lib::is_right_admin_path(): parse_url() is replaced with wp_parse_url().
* Update: URE_Lib::user_is_admin() does not call WP_User::has_cap() to enhance performance.
* Update: Plugin version was added to CSS loaded to the "Users", "Users->User Role Editor", "Settings->User Role Editor" pages.
* Update: All JavaScript files are loaded in footer now.
* Fix: "Users->Add New Users". Unneeded extra '<table></table>' HTML tags was removed (thanks to Alejandro A. for this bug report).
= [4.64.1] 24.10.2023 =
* Update: Marked as compatible with WordPress 6.4
* Fix: Notice shown by PHP 8.3 is removed: PHP Deprecated: Creation of dynamic property URE_Editor::$hide_pro_banner is deprecated in /wp-content/plugins/user-role-editor/includes/classes/editor.php on line 166
* Fix: Notice shown by PHP 8.3 is removed: PHP Deprecated: Creation of dynamic property URE_Role_View::$caps_to_remove is deprecated in /wp-content/plugins/user-role-editor/includes/classes/role-view.php on line 23
* Fix: Notice shown by PHP 8.3 is removed: PHP Deprecated: Function utf8_decode() is deprecated in /wp-content/plugins/user-role-editor-pro/includes/classes/editor.php on line 984
File changelog.txt contains the full list of changes.
== Additional Documentation ==
You can find more information about "User Role Editor" plugin at [this page](http://www.shinephp.com/user-role-editor-wordpress-plugin/)
I am ready to answer on your questions about plugin usage. Use [plugin page comments](http://www.shinephp.com/user-role-editor-wordpress-plugin/) for that.
== Upgrade Notice ==
= [4.64.2] 19.02.2023 =
* Update: URE_Advertisement: rand() is replaced with wp_rand().
* Update: URE_Ajax_Proccessor: json_encode() is replaced with wp_json_encode().
* Update: User_Role_Editor::load_translation(): load_plugin_textdomain() is called with the 2nd parameter value false, instead of deprecated ''.
* Update: URE_Lib::is_right_admin_path(): parse_url() is replaced with wp_parse_url().
* Update: URE_Lib::user_is_admin() does not call WP_User::has_cap() to enhance performance.
* Update: Plugin version was added to CSS loaded to the "Users", "Users->User Role Editor", "Settings->User Role Editor" pages.
* Update: All JavaScript files are loaded in footer now.
* Fix: "Users->Add New Users". Unneeded extra '<table></table>' HTML tags was removed (thanks to Alejandro A. for this bug report).

BIN
wp/wp-content/plugins/user-role-editor/screenshot-1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 52 KiB

BIN
wp/wp-content/plugins/user-role-editor/screenshot-2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 46 KiB

BIN
wp/wp-content/plugins/user-role-editor/screenshot-3.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 35 KiB

BIN
wp/wp-content/plugins/user-role-editor/screenshot-4.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 36 KiB

BIN
wp/wp-content/plugins/user-role-editor/screenshot-5.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 17 KiB

BIN
wp/wp-content/plugins/user-role-editor/screenshot-6.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 31 KiB

64
wp/wp-content/plugins/user-role-editor/user-role-editor.php Normal file
View File

@@ -0,0 +1,64 @@
<?php
/*
Plugin Name: User Role Editor
Plugin URI: https://www.role-editor.com
Description: Change/add/delete WordPress user roles and capabilities.
Version: 4.64.2
Author: Vladimir Garagulya
Author URI: https://www.role-editor.com
Text Domain: user-role-editor
Domain Path: /lang/
*/
/*
Copyright 2010-2024 Vladimir Garagulya (email: support@role-editor.com)
*/
if ( ! function_exists( 'get_option' ) ) {
header( 'HTTP/1.0 403 Forbidden' );
die; // Silence is golden, direct call is prohibited
}
if ( defined( 'URE_VERSION' ) ) {
if ( is_admin() && ( !defined('DOING_AJAX') || !DOING_AJAX ) ) {
if ( !class_exists('URE_Admin_Notice') ) {
require_once( plugin_dir_path( __FILE__ ) .'includes/classes/admin-notice.php' );
}
new URE_Admin_Notice('warning', "It seems that other copy of User Role Editor is active. Check if it's deactivated before activate this one.");
}
return;
}
define( 'URE_VERSION', '4.64.2' );
define( 'URE_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
define( 'URE_PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
define( 'URE_PLUGIN_BASE_NAME', plugin_basename( __FILE__ ) );
define( 'URE_PLUGIN_FILE', basename( __FILE__ ) );
define( 'URE_PLUGIN_FULL_PATH', __FILE__ );
require_once( URE_PLUGIN_DIR .'includes/classes/admin-notice.php' );
require_once( URE_PLUGIN_DIR.'includes/classes/base-lib.php' );
require_once( URE_PLUGIN_DIR.'includes/classes/lib.php' );
// check PHP version
$ure_required_php_version = '7.3';
$exit_msg = 'User Role Editor requires PHP '. $ure_required_php_version .' or newer. '.
'<a href="https://www.php.net/supported-versions.php">Please update!</a>';
if ( !URE_Lib::check_version( PHP_VERSION, $ure_required_php_version, $exit_msg, __FILE__ ) ) {
return;
}
// check WP version
$ure_required_wp_version = '4.4';
$exit_msg = 'User Role Editor requires WordPress '. $ure_required_wp_version .' or newer. '.
'<a href="http://codex.wordpress.org/Upgrading_WordPress">Please update!</a>';
if ( !URE_Lib::check_version( get_bloginfo( 'version' ), $ure_required_wp_version, $exit_msg, __FILE__ ) ) {
return;
}
require_once( URE_PLUGIN_DIR .'includes/loader.php' );
// Uninstall action
register_uninstall_hook( URE_PLUGIN_FULL_PATH, array('User_Role_Editor', 'uninstall') );
$GLOBALS['user_role_editor'] = User_Role_Editor::get_instance();