ofco/medicalalert-web-reloaded
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update plugins

Browse Source
This commit is contained in:
Tony Volpe
2024-06-17 14:42:23 -04:00
parent a00f379f7f
commit 38e314323c
9467 changed files with 2032414 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
wp/wp-content/plugins/user-role-editor/includes/classes/admin-notice.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
/*
* admin_notices action support for User Role Editor plugin
*
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://role-editor.com
*/
class URE_Admin_Notice {
// Message class: update, success, warning
private $message_class;
private $message;
function __construct( $message_class, $message ) {
$this->message = $message;
$this->message_class = $message_class;
add_action('admin_notices', array($this, 'render') );
}
// end of __construct()
public function render() {
printf('<div class="notice notice-%s is-dismissible"><p>%s</p></div>', $this->message_class, $this->message );
}
// end of render()
}
// end of class URE_Admin_Notice

113
wp/wp-content/plugins/user-role-editor/includes/classes/advertisement.php Normal file
View File

@@ -0,0 +1,113 @@
<?php
/*
* User Role Editor plugin: advertisement showing class
* Author: Vladimir Garagulya
* email: vladimir@shinephp.com
* site: http://shinephp.com
*
*/
class URE_Advertisement {
private $slots_quantity = 1;
private $slots = array();
function __construct() {
$this->init();
}
// end of __construct
/**
* Returns random number not included into input array
*
* @param array $used - array of numbers used already
*
* @return int
*/
private function rand_unique( $max_ind, $used = array(-1) ) {
if ( $max_ind<0 ) {
$max_ind = 0;
}
$index = wp_rand( 0, $max_ind );
$iterations = 0;
while ( in_array( $index, $used ) && $iterations<=$max_ind * 3 ) {
$index = wp_rand( 0, $max_ind );
$iterations++;
}
return $index;
}
// return rand_unique()
private function init() {
$this->slots = array();
$used = array(-1);
$max_ind = $this->slots_quantity - 1;
$index = $this->rand_unique( $max_ind, $used );
$this->slots[$index] = $this->admin_menu_editor();
/*
$used[] = $index;
$index = $this->rand_unique( $used, $max_ind );
$this->slots[$index] = $this->some_other_slot();
ksort( $this->slots );
*
*/
}
// end of init()
/*
private function some_other_slot() {
$output = '
<div style="text-align: center;">
bla-bla-bla;
</div>';
return $output;
}
*/
// content of Admin Menu Editor advertisement slot
private function admin_menu_editor() {
$output = '
<div style="text-align: center;">
<a href="https://adminmenueditor.com/?utm_source=UserRoleEditor&utm_medium=banner&utm_campaign=Plugins" target="_new" >
<img src="' . URE_PLUGIN_URL . 'images/admin-menu-editor-pro.jpg' . '" alt="Admin Menu Editor Pro"
title="Move, rename, hide, add admin menu items, restrict access" width="250" height="250" />
</a>
</div>
';
return $output;
}
// end of admin_menu_editor()
/**
* Output all existed ads slots
*/
public function display() {
if ( empty( $this->slots ) ) {
return;
}
?>
<div id="ure-sidebar" class="ure_table_cell" >
<?php
foreach ($this->slots as $slot) {
echo $slot . "\n";
}
?>
</div>
<?php
}
// end of display()
}
// end of URE_Advertisement class

373
wp/wp-content/plugins/user-role-editor/includes/classes/ajax-processor.php Normal file
View File

@@ -0,0 +1,373 @@
<?php
/*
* User Role Editor WordPress plugin
* Author: Vladimir Garagulya
* Email: support@role-editor.com
* License: GPLv2 or later
*/
/**
* Process AJAX request from User Role Editor
*
* @author vladimir
*/
class URE_Ajax_Processor {
protected $lib = null;
protected $action = null;
protected $debug = null;
public function __construct( ) {
$this->lib = URE_Lib::get_instance();
$this->debug = ( defined('WP_PHP_UNIT_TEST') && WP_PHP_UNIT_TEST==true );
}
// end of __construct()
protected function get_action() {
$action = $this->lib->get_request_var( 'sub_action', 'post' );
if ( empty( $action ) ) {
$action = $this->lib->get_request_var( 'sub_action', 'get' );
}
return $action;
}
// end of get_action()
protected function get_required_cap() {
if ( $this->action=='grant_roles' || $this->action=='get_user_roles' ) {
$cap = 'promote_users';
} else {
$cap = URE_Own_Capabilities::get_key_capability();
}
return $cap;
}
// end of get_required_cap()
protected function valid_nonce() {
if ( !isset( $_REQUEST['wp_nonce'] ) || !wp_verify_nonce( $_REQUEST['wp_nonce'], 'user-role-editor' ) ) {
echo wp_json_encode( array('result'=>'error', 'message'=>'URE: Wrong or expired request') );
return false;
} else {
return true;
}
}
// end of check_nonce()
protected function user_can() {
$capability = $this->get_required_cap();
if ( !current_user_can( $capability ) ) {
echo wp_json_encode( array('result'=>'error', 'message'=>'URE: Insufficient permissions') );
return false;
} else {
return true;
}
}
// end of check_user_cap()
protected function add_role() {
$editor = URE_Editor::get_instance();
$response = $editor->add_new_role();
$answer = array(
'result'=>$response['result'],
'role_id'=>$response['role_id'],
'role_name'=>$response['role_name'],
'message'=>$response['message']
);
return $answer;
}
// end of add_role()
protected function update_role() {
$editor = URE_Editor::get_instance();
$response = $editor->update_role();
$answer = array(
'result'=>$response['result'],
'role_id'=>$response['role_id'],
'role_name'=>$response['role_name'],
'message'=>$response['message']
);
return $answer;
}
// end of add_role()
protected function add_capability() {
$response = URE_Capability::add( 'role' );
$editor = URE_Editor::get_instance();
$editor->init1();
$message = $editor->init_current_role_name();
if ( empty( $message ) ) {
$view = new URE_View();
$html = $view->_show_capabilities( true, true );
} else {
$html = '';
$response['result'] = 'error';
$response['message'] = $message;
}
$answer = array('result'=>$response['result'], 'html'=>$html, 'message'=>$response['message']);
return $answer;
}
// end of add_capability()
protected function delete_capability() {
$result = URE_Capability::delete();
if ( is_array( $result ) ) {
$notification = $result['message'];
$deleted_caps = $result['deleted_caps'];
} else {
$notification = $result;
$deleted_caps = array();
}
$answer = array('result'=>'success', 'deleted_caps'=>$deleted_caps, 'message'=>$notification);
return $answer;
}
// end of delete_cap()
protected function delete_role() {
$editor = URE_Editor::get_instance();
$response = $editor->delete_role();
$answer = array(
'result'=>$response['result'],
'message'=>$response['message'],
'deleted_roles'=> $response['deleted_roles']
);
return $answer;
}
// end of delete_role()
protected function rename_role() {
$editor = URE_Editor::get_instance();
$response = $editor->rename_role();
$answer = array(
'result'=>$response['result'],
'message'=>$response['message'],
'role_id'=> $response['role_id'],
'role_name'=>$response['role_name']
);
return $answer;
}
// end of rename_role()
protected function get_caps_to_remove() {
$html = URE_Role_View::caps_to_remove_html();
$answer = array('result'=>'success', 'html'=>$html, 'message'=>'success');
return $answer;
}
// end of get_caps_to_remove()
protected function get_users_without_role() {
$new_role = $this->lib->get_request_var( 'new_role', 'post' );
if ( empty( $new_role ) ) {
$answer = array('result'=>'error', 'message'=>'Provide new role');
return $answer;
}
$assign_role = $this->lib->get_assign_role();
if ( $new_role==='no_rights') {
$assign_role->create_no_rights_role();
}
$wp_roles = wp_roles();
if ( !isset( $wp_roles->roles[$new_role] ) ) {
$answer = array('result'=>'error', 'message'=>'Selected new role does not exist');
return $answer;
}
$users = $assign_role->get_users_without_role();
$answer = array(
'result'=>'success',
'users'=>$users,
'new_role'=>$new_role,
'message'=>'success'
);
return $answer;
}
// end of get_users_without_role()
protected function grant_roles() {
$answer = URE_Grant_Roles::grant_roles();
return $answer;
}
// end of grant_roles()
protected function get_user_roles() {
$answer = URE_Grant_Roles::get_user_roles();
return $answer;
}
// end of get_user_roles()
protected function get_role_caps() {
$role = $this->lib->get_request_var('role', 'post' );
if ( empty( $role ) ) {
$answer = array('result'=>'error', 'message'=>'Provide role ID');
return $answer;
}
$wp_roles = wp_roles();
if ( !isset( $wp_roles->roles[$role] ) ) {
$answer = array('result'=>'error', 'message'=>'Requested role does not exist');
return $answer;
}
$active_items = URE_Role_Additional_Options::get_active_items();
if ( isset( $active_items[$role] ) ) {
$role_options = $active_items[$role];
} else {
$role_options = array();
}
$caps = array();
foreach( $wp_roles->roles[$role]['capabilities'] as $cap_id=>$allowed ) {
$cap = URE_Capability::escape( $cap_id );
$caps[$cap] = $allowed;
}
$answer = array(
'result'=>'success',
'message'=>'Role capabilities retrieved successfully',
'role_id'=>$role,
'role_name'=>$wp_roles->roles[$role]['name'],
'caps'=>$caps,
'options'=>$role_options
);
return $answer;
}
// end of get_role_caps()
protected function hide_pro_banner() {
$this->lib->put_option('ure_hide_pro_banner', 1);
$this->lib->flush_options();
$answer = array(
'result'=>'success',
'message'=>'Pro banner was hidden'
);
return $answer;
}
// end of hide_pro_banner()
protected function _dispatch() {
switch ( $this->action ) {
case 'update_role':
$answer = $this->update_role();
break;
case 'add_role':
$answer = $this->add_role();
break;
case 'add_capability':
$answer = $this->add_capability();
break;
case 'delete_capability':
$answer = $this->delete_capability();
break;
case 'delete_role':
$answer = $this->delete_role();
break;
case 'get_caps_to_remove':
$answer = $this->get_caps_to_remove();
break;
case 'get_users_without_role':
$answer = $this->get_users_without_role();
break;
case 'grant_roles':
$answer = $this->grant_roles();
break;
case 'get_user_roles':
$answer = $this->get_user_roles();
break;
case 'get_role_caps':
$answer = $this->get_role_caps();
break;
case 'rename_role':
$answer = $this->rename_role();
break;
case 'hide_pro_banner':
$answer = $this->hide_pro_banner();
break;
default:
$answer = array('result' => 'error', 'message' => 'Unknown action "' . $this->action . '"');
}
return $answer;
}
// end of _dispatch()
/**
* AJAX requests dispatcher
*/
public function dispatch() {
$this->action = $this->get_action();
if ( !$this->valid_nonce() || !$this->user_can() ) {
die;
}
$answer = $this->_dispatch();
$json_answer = wp_json_encode($answer);
echo $json_answer;
die;
}
// end of dispatch()
}
// end of URE_Ajax_Processor

177
wp/wp-content/plugins/user-role-editor/includes/classes/assign-role.php Normal file
View File

@@ -0,0 +1,177 @@
<?php
/**
* Project: User Role Editor plugin
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://www.role-editor.com
* Greetings: some ideas and code samples for long running cron job was taken from the "Broken Link Checker" plugin (Janis Elst).
* License: GPL v2+
*
* Assign role to the users without role stuff
*/
class URE_Assign_Role {
const MAX_USERS_TO_PROCESS = 50;
private static $counter = 0;
private $lib = null;
private $quick_count = true;
function __construct() {
$this->lib = URE_Lib::get_instance();
$this->quick_count = $this->count_quick_or_thoroughly();
}
// end of __construct()
public function create_no_rights_role() {
$role_id = 'no_rights';
$role_name = 'No rights';
$wp_roles = wp_roles();
if ( isset( $wp_roles->roles[$role_id] ) ) {
return;
}
add_role( $role_id, $role_name, array() );
}
// end of create_no_rights_role()
private function count_quick_or_thoroughly() {
$quick_count = true;
if ( defined('URE_COUNT_USERS_WITHOUT_ROLE_THOROUGHLY') && URE_COUNT_USERS_WITHOUT_ROLE_THOROUGHLY ) {
$quick_count = false;
} elseif ( $this->lib->is_pro() ) {
$count_thoroughly = $this->lib->get_option( 'count_users_without_role_thoroughly', false );
if ( $count_thoroughly ) {
$quick_count = false;
}
}
$quick_count = apply_filters('ure_count_users_without_role_quick', $quick_count );
return $quick_count;
}
// end of count_quick_or_thoroughly()
private function get_thorougly_where_condition() {
global $wpdb;
$usermeta = $wpdb->usermeta;
$id = get_current_blog_id();
$blog_prefix = $wpdb->get_blog_prefix( $id );
$where = "WHERE NOT EXISTS (SELECT user_id from {$usermeta} ".
"WHERE user_id=users.ID AND meta_key='{$blog_prefix}capabilities') OR ".
"EXISTS (SELECT user_id FROM {$usermeta} ".
"WHERE user_id=users.ID AND meta_key='{$blog_prefix}capabilities' AND ".
"(meta_value='a:0:{}' OR meta_value IS NULL))";
return $where;
}
// end of get_thoroughly_where_condition()
private function get_quick_query_part2() {
global $wpdb;
$usermeta = $wpdb->usermeta;
$id = get_current_blog_id();
$blog_prefix = $wpdb->get_blog_prefix($id);
$query = "FROM {$usermeta} usermeta ".
"INNER JOIN {$wpdb->users} users ON usermeta.user_id=users.ID ".
"WHERE usermeta.meta_key='{$blog_prefix}capabilities' AND ".
"(usermeta.meta_value = 'a:0:{}' OR usermeta.meta_value is NULL)";
return $query;
}
// end of get_quick_query_part2()
private function get_users_count_query() {
global $wpdb;
if ( $this->quick_count ) {
$part2 = $this->get_quick_query_part2();
$query = "SELECT COUNT(DISTINCT usermeta.user_id) {$part2}";
} else {
$where = $this->get_thorougly_where_condition();
$query = "SELECT count(ID) FROM {$wpdb->users} users {$where}";
}
return $query;
}
// end of get_users_count_query()
public function count_users_without_role() {
global $wpdb;
$users_quant = get_transient('ure_users_without_role');
if (empty($users_quant)) {
$query = $this->get_users_count_query();
$users_quant = $wpdb->get_var( $query );
set_transient('ure_users_without_role', $users_quant, 15 );
}
return $users_quant;
}
// end of count_users_without_role()
public function get_users_without_role() {
global $wpdb;
$top_limit = self::MAX_USERS_TO_PROCESS;
if ( $this->quick_count ) {
$part2 = $this->get_quick_query_part2();
$query = "SELECT DISTINCT usermeta.user_id {$part2}
LIMIT 0, {$top_limit}";
} else {
$where = $this->get_thorougly_where_condition();
$query = "SELECT users.ID FROM {$wpdb->users} users
{$where}
LIMIT 0, {$top_limit}";
}
$users0 = $wpdb->get_col( $query );
return $users0;
}
// end of get_users_without_role()
public function show_html() {
$users_quant = $this->count_users_without_role();
if ($users_quant==0) {
return;
}
$button_number = (self::$counter>0) ? '_2': '';
?>
&nbsp;&nbsp;<input type="button" name="move_from_no_role<?php echo $button_number;?>" id="move_from_no_role<?php echo $button_number;?>" class="button"
value="Without role (<?php echo $users_quant;?>)" onclick="ure_move_users_from_no_role_dialog()">
<?php
if ( self::$counter==0 ) {
?>
<div id="move_from_no_role_dialog" class="ure-dialog">
<div id="move_from_no_role_content" style="padding: 10px;"></div>
</div>
<?php
self::$counter++;
}
}
// end of show_html()
}
// end of URE_Assign_Role class

388
wp/wp-content/plugins/user-role-editor/includes/classes/base-lib.php Normal file
View File

@@ -0,0 +1,388 @@
<?php
/*
* General stuff for usage at WordPress plugins
* Author: Vladimir Garagulya
* Author email: vladimir@shinephp.com
* Author URI: http://shinephp.com
*
*/
/**
* This class contains general stuff for usage at WordPress plugins and must be extended by child class
*/
class URE_Base_Lib {
protected static $instance = null; // object exemplar reference
protected $options_id = ''; // identifire to save/retrieve plugin options to/from wp_option DB table
protected $options = array(); // plugin options data
protected $multisite = false;
protected $active_for_network = false;
protected $main_blog_id = 0;
public static function get_instance( $options_id = '') {
if ( self::$instance===null ) {
self::$instance = new URE_Base_Lib( $options_id );
}
return self::$instance;
}
// end of get_instance()
/**
* class constructor
* @param string $options_id to save/retrieve plugin options to/from wp_option DB table
*/
protected function __construct( $options_id ) {
$this->multisite = function_exists( 'is_multisite' ) && is_multisite();
if ( $this->multisite ) {
// get Id of the 1st (main) blog
$this->main_blog_id = $this->get_main_site();
}
$this->init_options( $options_id );
}
// end of __construct()
public function get( $property_name ) {
if ( !property_exists( $this, $property_name ) ) {
syslog( LOG_ERR, 'Lib class does not have such property '. $property_name );
return null;
}
return $this->$property_name;
}
// end of get_property()
public function set( $property_name, $property_value ) {
if ( !property_exists( $this, $property_name ) ) {
syslog( LOG_ERR, 'Lib class does not have such property '. $property_name );
}
$this->$property_name = $property_value;
}
// end of get_property()
public function get_main_site() {
global $current_site;
$blog_id = is_object( $current_site ) ? $current_site->blog_id : null;
return $blog_id;
}
// end of get_main_site()
/**
* get current options for this plugin
*/
protected function init_options( $options_id ) {
$this->options_id = $options_id;
$this->options = get_option( $options_id, array() );
}
// end of init_options()
/**
* Return HTML formatted message
*
* @param string $message message text
* @param string $error_style message div CSS style
*/
public function show_message( $message, $error_style = false ) {
if ( $message ) {
if ( $error_style ) {
echo '<div id="message" class="notice notice-warning is-dismissible">';
} else {
echo '<div id="message" class="notice notice-success is-dismissible">';
}
echo '<p>'. $message . '</p></div>';
}
}
// end of show_message()
/*
* Replacer for FILTER_SANITIZE_STRING deprecated with PHP 8.1
*/
public static function filter_string_polyfill( $string ) {
$str = preg_replace('/\x00|<[^>]*>?/', '', $string);
return str_replace(["'", '"'], ['&#39;', '&#34;'], $str);
}
// end of filter_string_polyfill()
public static function filter_string_var( $raw_str ) {
$value1 = filter_var( $raw_str, FILTER_UNSAFE_RAW );
$value2 = self::filter_string_polyfill( $value1 );
return $value2;
}
// end of filter_string_var()
/**
* Returns value by name from GET/POST/REQUEST. Minimal type checking is provided
*
* @param string $var_name Variable name to return
* @param string $request_type type of request to process get/post/request (default)
* @param string $var_type variable type to provide value checking
* @return mix variable value from request
*/
public function get_request_var( $var_name, $request_type = 'request', $var_type = 'string') {
$result = 0;
$request_type = strtolower( $request_type );
switch ( $request_type ) {
case 'get': {
if ( isset( $_GET[$var_name] ) ) {
$result = self::filter_string_var( $_GET[$var_name] );
}
break;
}
case 'post': {
if ( isset( $_POST[$var_name] ) ) {
if ( $var_type!='checkbox') {
$result = self::filter_string_var( $_POST[$var_name] );
} else {
$result = 1;
}
}
break;
}
case 'request': {
if ( isset( $_REQUEST[$var_name] ) ) {
$result = self::filter_string_var( $_REQUEST[$var_name] );
}
break;
}
default: {
$result = -1; // Wrong request type value, possible mistake in a function call
}
}
if ( $result ) {
if ( $var_type == 'int' && !is_numeric( $result ) ) {
$result = 0;
}
if ( $var_type != 'int') {
$result = esc_attr( $result );
}
}
return $result;
}
// end of get_request_var()
/**
* returns option value for option with name in $option_name
*/
public function get_option( $option_name, $default = false ) {
if ( isset( $this->options[$option_name] ) ) {
$value = $this->options[$option_name];
} else {
$value = $default;
}
$value = apply_filters('ure_get_option_'. $option_name, $value );
return $value;
}
// end of get_option()
/**
* puts option value according to $option_name option name into options array property
*/
public function put_option( $option_name, $option_value, $flush_options = false ) {
if ( !is_array( $this->options ) ) {
$this->options = array();
}
$this->options[$option_name] = $option_value;
if ( $flush_options ) {
$this->flush_options();
}
}
// end of put_option()
/**
* Delete URE option with name option_name
* @param string $option_name
* @param bool $flush_options
*/
public function delete_option( $option_name, $flush_options = false ) {
if ( array_key_exists( $option_name, $this->options ) ) {
unset( $this->options[$option_name] );
if ( $flush_options ) {
$this->flush_options();
}
}
}
// end of delete_option()
/**
* Saves options array into WordPress database wp_options table
*/
public function flush_options() {
update_option( $this->options_id, $this->options );
}
// end of flush_options()
/**
* Check product version and stop execution if product version is not compatible with required one
* @param string $version1
* @param string $version2
* @param string $error_message
* @return void
*/
public static function check_version( $version1, $version2, $error_message, $plugin_file_name ) {
if ( version_compare($version1, $version2, '<') ) {
if ( is_admin() && ( !defined('DOING_AJAX') || !DOING_AJAX ) ) {
require_once ABSPATH . '/wp-admin/includes/plugin.php';
deactivate_plugins( $plugin_file_name );
new URE_Admin_Notice('warning', $error_message );
return false;
}
}
return true;
}
// end of check_version()
public function get_current_url() {
global $wp;
$current_url = esc_url_raw( add_query_arg( $wp->query_string, '', home_url( $wp->request ) ) );
return $current_url;
}
// end of get_current_url()
/**
* Returns comma separated list from the first $items_count element of $full_list array
*
* @param array $full_list
* @param int $items_count
* @return string
*/
public function get_short_list_str( $full_list, $items_count=3 ) {
if ( empty( $full_list ) || !is_array( $full_list ) ) {
return '...';
}
$short_list = array(); $i = 0;
foreach($full_list as $item) {
if ( $i>=$items_count ) {
break;
}
$short_list[] = $item;
$i++;
}
$str = implode(', ', $short_list );
if ( $items_count<count( $full_list ) ) {
$str .= ', ...';
}
return $str;
}
// end of get_short_list_str()
/**
* Prepare the list of integer or string values for usage in SQL query IN (val1, val2, ... , valN) claster
* @global wpdb $wpdb
* @param string $list_type: allowed values 'int', 'string'
* @param array $list_values: array of integers or strings
* @return string - comma separated values (CSV)
*/
public static function esc_sql_in_list( $list_type, $list_values ) {
global $wpdb;
if ( empty( $list_values ) || !is_array( $list_values ) || count( $list_values )==0 ) {
return '';
}
if ( $list_type=='int' ) {
$placeholder = '%d'; // Integer
} else {
$placeholder = '%s'; // String
}
$placeholders = array_fill( 0, count( $list_values ), $placeholder );
$str = implode(',', $placeholders );
$result = $wpdb->prepare( $str, $list_values );
return $result;
}
// end of esc_sql_in_list()
/**
* Returns the array of multi-site WP sites/blogs IDs for the current network
* @global wpdb $wpdb
* @return array
*/
public function get_blog_ids() {
global $wpdb;
if ( !$this->multisite ) {
return null;
}
$network = get_current_site();
$query = $wpdb->prepare(
"SELECT blog_id FROM {$wpdb->blogs}
WHERE site_id=%d ORDER BY blog_id ASC",
array( $network->id ) );
$blog_ids = $wpdb->get_col( $query );
return $blog_ids;
}
// end of get_blog_ids()
/**
* Prevent cloning of the instance of the *Singleton* instance.
*
* @return void
*/
public function __clone() {
throw new \Exception('Do not clone a singleton instance.');
}
// end of __clone()
/**
* Prevent unserializing of the *Singleton* instance.
*
* @return void
*/
public function __wakeup() {
throw new \Exception('Do not unserialize a singleton instance.');
}
// end of __wakeup()
}
// end of URE_Base_Lib class

116
wp/wp-content/plugins/user-role-editor/includes/classes/bbpress.php Normal file
View File

@@ -0,0 +1,116 @@
<?php
/**
* Support for bbPress user roles and capabilities
*
* Project: User Role Editor WordPress plugin
* Author: Vladimir Garagulya
* Author email: vladimir@shinephp.com
* Author URI: http://shinephp.com
*
**/
class URE_bbPress {
protected $bbpress_detected = false;
public function __construct() {
add_action('plugins_loaded', array($this, 'detect_bbpress'), 8 );
}
// end of __construct()
public function detect_bbpress() {
$this->bbpress_detected = false;
if ( function_exists('bbp_filter_blog_editable_roles') ) {
$this->bbpress_detected = true; // bbPress plugin is installed and active
}
}
// end of detect_bbpress()
public function is_active() {
return $this->bbpress_detected;
}
// end of is_active()
/**
* Exclude roles created by bbPress
*
* @global array $wp_roles
* @return array
*/
public function get_roles() {
$wp_roles = wp_roles();
if ($this->bbpress_detected) {
$roles = bbp_filter_blog_editable_roles( $wp_roles->roles ); // exclude bbPress roles
} else {
$roles = $wp_roles->roles;
}
return $roles;
}
// end of get_roles()
/**
* Get full list user capabilities created by bbPress
*
* @return array
*/
public function get_caps() {
if ( $this->bbpress_detected ) {
$caps = array_keys( bbp_get_caps_for_role( bbp_get_keymaster_role() ) );
} else {
$caps = array();
}
return $caps;
}
// end of get_caps()
/**
* Return empty array in order do not include bbPress roles into selectable lists: supported by Pro version only
* @return array
*/
public function get_bbp_editable_roles() {
$all_bbp_roles = array();
return $all_bbp_roles;
}
// end of get_bbp_editable_roles()
/**
* Return bbPress roles found at $roles array. Used to exclude bbPress roles from processing as free version should not support them
*
* @param array $roles
* @return array
*/
public function extract_bbp_roles($roles) {
$user_bbp_roles = array();
if ( $this->bbpress_detected ) {
$all_bbp_roles = array_keys( bbp_get_dynamic_roles() );
foreach( $roles as $role ) {
if ( in_array( $role, $all_bbp_roles ) ) {
$user_bbp_roles[] = $role;
}
}
}
return $user_bbp_roles;
}
// end of extract_bbp_roles()
}
// end of URE_bbPress class

505
wp/wp-content/plugins/user-role-editor/includes/classes/capabilities-groups-manager.php Normal file
View File

@@ -0,0 +1,505 @@
<?php
/**
* Class to group user capabilities for better structuring
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulya <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2016, Vladimir Garagulya
**/
class URE_Capabilities_Groups_Manager {
private static $instance = null;
private $lib = null;
private $groups = null;
private $built_in_wp_caps = null;
private $cpt_caps = null;
public static function get_instance() {
if (self::$instance === null) {
// new static() will work too
self::$instance = new URE_Capabilities_Groups_Manager();
}
return self::$instance;
}
// end of get_instance()
private function __construct() {
$this->lib = URE_Lib::get_instance();
$this->_get_built_in_wp_caps();
$this->_get_all_custom_post_types_caps();
}
// end of __construct()
public function add_custom_post_types() {
$this->groups['custom_post_types'] = array(
'caption'=>esc_html__('Custom Post Types', 'user-role-editor'),
'parent'=>'all',
'level'=>1
);
$post_types = get_post_types( array(), 'objects');
$_post_types = $this->lib->_get_post_types();
$built_in_pt = array('post', 'page');
if ( $post_types['attachment']->cap->edit_posts=='edit_posts') {
$built_in_pt[] = 'attachment';
}
$show_wc_post_types_under_wc_only = apply_filters('ure_show_wc_post_types_under_wc_only', false);
foreach( $post_types as $post_type ) {
if ( !isset( $_post_types[$post_type->name] ) || in_array( $post_type->name, $built_in_pt ) ) {
continue;
}
if ( $show_wc_post_types_under_wc_only && in_array( $post_type->name, URE_Woocommerce_Capabilities::$post_types ) ) {
continue;
}
/*
if (!$post_type->public) {
continue;
}
*
*/
$this->groups[$post_type->name] = array(
'caption'=>$post_type->labels->name,
'parent'=>'custom_post_types',
'level'=>2
);
}
}
// end of add_custom_post_types()
private function add_ure_group() {
$this->groups['user_role_editor'] = array(
'caption'=>esc_html__('User Role Editor', 'user-role-editor'),
'parent'=>'custom',
'level'=>2
);
}
// end of get_ure_group()
private function add_woocommerce_groups() {
$full_caps = $this->lib->init_full_capabilities( 'role' );
if ( !isset( $full_caps['manage_woocommerce'] ) ) {
return;
}
$post_types = get_post_types( array(), 'objects');
$this->groups['woocommerce'] = array(
'caption'=>esc_html__('WooCommerce', 'user-role-editor'),
'parent'=>'custom',
'level'=>2
);
$this->groups['woocommerce_core'] = array(
'caption'=>esc_html__('Core', 'user-role-editor'),
'parent'=>'woocommerce',
'level'=>3
);
foreach( URE_Woocommerce_Capabilities::$post_types as $post_type ) {
if ( !isset( $post_types[$post_type] ) ) {
continue;
}
$this->groups['woocommerce_'. $post_type] = array(
'caption'=>$post_types[$post_type]->labels->name,
'parent'=>'woocommerce',
'level'=>3
);
}
}
// end of add_woocommerce_group()
private function get_base_wp_groups() {
$groups = array(
'all'=>array(
'caption'=>esc_html__('All', 'user-role-editor'),
'parent'=>null,
'level'=>0
),
'core'=>array(
'caption'=>esc_html__('Core', 'user-role-editor'),
'parent'=>'all',
'level'=>1
),
'general'=>array(
'caption'=>esc_html__('General', 'user-role-editor'),
'parent'=>'core',
'level'=>2
),
'themes'=>array(
'caption'=>esc_html__('Themes', 'user-role-editor'),
'parent'=>'core',
'level'=>2
),
'posts'=>array(
'caption'=>esc_html__('Posts', 'user-role-editor'),
'parent'=>'core',
'level'=>2
),
'pages'=>array(
'caption'=>esc_html__('Pages', 'user-role-editor'),
'parent'=>'core',
'level'=>2
),
'plugins'=>array(
'caption'=>esc_html__('Plugins', 'user-role-editor'),
'parent'=>'core',
'level'=>2
),
'users'=>array(
'caption'=>esc_html__('Users', 'user-role-editor'),
'parent'=>'core',
'level'=>2
)
);
return $groups;
}
// end of get_base_wp_groups
public function get_groups_tree() {
if ($this->groups!==null) {
return $this->groups;
}
$this->groups = $this->get_base_wp_groups();
$multisite = $this->lib->get('multisite');
if ( $multisite ) {
$this->groups['multisite'] = array(
'caption'=>esc_html__('Multisite', 'user-role-editor'),
'parent'=>'core',
'level'=>2
);
}
$this->groups['deprecated'] = array(
'caption'=>esc_html__('Deprecated', 'user-role-editor'),
'parent'=>'core',
'level'=>2
);
$this->add_custom_post_types();
$this->groups['custom'] = array(
'caption'=>esc_html__('Custom capabilities', 'user-role-editor'),
'parent'=>'all',
'level'=>1
);
$this->add_ure_group();
$this->add_woocommerce_groups();
$this->groups = apply_filters('ure_capabilities_groups_tree', $this->groups);
return $this->groups;
}
// end of get_groups_tree()
/**
* return array of built-in WP capabilities (WP 3.1 wp-admin/includes/schema.php)
*
* @return array
*/
private function _get_built_in_wp_caps() {
$wp_version = get_bloginfo('version');
$multisite = $this->lib->get('multisite');
$caps = array();
$caps['switch_themes'] = array('core', 'themes');
$caps['edit_themes'] = array('core', 'themes');
$caps['activate_plugins'] = array('core', 'plugins');
$caps['edit_plugins'] = array('core', 'plugins');
$caps['edit_users'] = array('core', 'users');
$caps['edit_files'] = array('core', 'deprecated');
$caps['manage_options'] = array('core', 'general');
$caps['moderate_comments'] = array('core', 'posts', 'general');
$caps['manage_categories'] = array('core', 'posts', 'general');
$caps['manage_links'] = array('core', 'general');
$caps['upload_files'] = array('core', 'general');
$caps['import'] = array('core', 'general');
$caps['unfiltered_html'] = array('core','general');
if ( $multisite ) {
$caps['unfiltered_html'] = array('deprecated');
}
$caps['edit_posts'] = array('core', 'posts');
$caps['edit_others_posts'] = array('core', 'posts');
$caps['edit_published_posts'] = array('core', 'posts');
$caps['publish_posts'] = array('core', 'posts');
$caps['edit_pages'] = array('core', 'pages');
$caps['read'] = array('core', 'general');
$caps['level_10'] = array('core', 'deprecated');
$caps['level_9'] = array('core', 'deprecated');
$caps['level_8'] = array('core', 'deprecated');
$caps['level_7'] = array('core', 'deprecated');
$caps['level_6'] = array('core', 'deprecated');
$caps['level_5'] = array('core', 'deprecated');
$caps['level_4'] = array('core', 'deprecated');
$caps['level_3'] = array('core', 'deprecated');
$caps['level_2'] = array('core', 'deprecated');
$caps['level_1'] = array('core', 'deprecated');
$caps['level_0'] = array('core', 'deprecated');
$caps['edit_others_pages'] = array('core', 'pages');
$caps['edit_published_pages'] = array('core', 'pages');
$caps['publish_pages'] = array('core', 'pages');
$caps['delete_pages'] = array('core', 'pages');
$caps['delete_others_pages'] = array('core', 'pages');
$caps['delete_published_pages'] = array('core', 'pages');
$caps['delete_posts'] = array('core', 'posts');
$caps['delete_others_posts'] = array('core', 'posts');
$caps['delete_published_posts'] = array('core', 'posts');
$caps['delete_private_posts'] = array('core', 'posts');
$caps['edit_private_posts'] = array('core', 'posts');
$caps['read_private_posts'] = array('core', 'posts');
$caps['delete_private_pages'] = array('core', 'pages');
$caps['edit_private_pages'] = array('core', 'pages');
$caps['read_private_pages'] = array('core', 'pages');
$caps['unfiltered_upload'] = array('core', 'general');
$caps['edit_dashboard'] = array('core', 'general');
$caps['update_plugins'] = array('core', 'plugins');
$caps['delete_plugins'] = array('core', 'plugins');
$caps['install_plugins'] = array('core', 'plugins');
$caps['update_themes'] = array('core', 'themes');
$caps['install_themes'] = array('core', 'themes');
$caps['update_core'] = array('core', 'general');
$caps['list_users'] = array('core', 'users');
$caps['remove_users'] = array('core', 'users');
if ( version_compare( $wp_version, '4.4', '<') ) {
$caps['add_users'] = array('core', 'users'); // removed from WP v. 4.4.
}
$caps['promote_users'] = array('core', 'users');
$caps['edit_theme_options'] = array('core', 'themes');
$caps['delete_themes'] = array('core', 'themes');
$caps['export'] = array('core', 'general');
$caps['delete_users'] = array('core', 'users');
$caps['create_users'] = array('core', 'users');
if ( $multisite ) {
$caps['create_sites'] = array('core', 'multisite', 'general');
$caps['delete_sites'] = array('core', 'multisite', 'general');
$caps['manage_network'] = array('core', 'multisite', 'general');
$caps['manage_sites'] = array('core', 'multisite', 'general');
$caps['manage_network_users'] = array('core', 'multisite', 'users');
$caps['manage_network_plugins'] = array('core', 'multisite', 'plugins');
$caps['manage_network_themes'] = array('core', 'multisite', 'themes');
$caps['manage_network_options'] = array('core', 'multisite', 'general');
$caps['upgrade_network'] = array('core', 'multisite', 'general');
}
$caps['install_languages'] = array('core', 'general');
$caps['resume_plugins'] = array('core', 'plugins');
$caps['resume_themes'] = array('core', 'themes');
$caps['view_site_health_checks'] = array('core', 'general');
$caps = apply_filters('ure_built_in_wp_caps', $caps );
$this->built_in_wp_caps = $caps;
return $this->built_in_wp_caps;
}
// end of _get_built_in_wp_caps()
public function get_built_in_wp_caps() {
return $this->built_in_wp_caps;
}
// end of get_built_in_wp_caps()
private function get_post_types_without_caps() {
$pt_without_caps = array();
$wc_pts = URE_Woocommerce_Capabilities::get_post_types_without_caps();
$pt_without_caps = ure_array_merge( $pt_without_caps, $wc_pts );
return $pt_without_caps;
}
// end of get_post_types_without_caps()
/**
* Get capabilities registered with custom post type
*
* @param object $post_type
* @param array $post_edit_caps
*/
private function get_registered_cpt_caps( $post_type, $post_edit_caps ) {
foreach ( $post_edit_caps as $capability ) {
if ( isset( $post_type->cap->$capability ) ) {
$cap = $post_type->cap->$capability;
} else {
continue;
}
if ( !isset( $this->cpt_caps[$cap] ) ) {
$this->cpt_caps[$cap] = array();
} else if ( in_array( $post_type->name, $this->cpt_caps[$cap] ) ) {
continue;
}
if ( !isset($this->built_in_wp_caps[$cap]) &&
!in_array( 'custom', $this->cpt_caps[$cap] ) ) {
$this->cpt_caps[$cap][] = 'custom';
}
if ( !in_array( 'custom_post_types', $this->cpt_caps[$cap] ) ) {
$this->cpt_caps[$cap][] = 'custom_post_types';
}
$this->cpt_caps[$cap][] = $post_type->name;
}
}
// end of get_registered_cpt_caps()
private function add_group_to_edit_post_cap( $post_type, $post_edit_caps ) {
foreach( $post_edit_caps as $cap_id ) {
$this->built_in_wp_caps[$cap_id][] = $post_type->name;
if ( !in_array('custom_post_types', $this->built_in_wp_caps[$cap_id] ) ) {
$this->built_in_wp_caps[$cap_id][] = 'custom_post_types';
}
}
}
// end of add_group_to_edit_post_cap()
private function get_custom_post_type_caps( $post_type, $post_edit_caps ) {
$pt_without_caps = $this->get_post_types_without_caps();
if ( in_array($post_type->name, $pt_without_caps ) ) {
return;
}
// take into account custom post types, which uses built-in post or page capabilities
if ( in_array( $post_type->capability_type, array('post', 'page') ) ) {
$this->add_group_to_edit_post_cap( $post_type, $post_edit_caps );
return;
}
$this->get_registered_cpt_caps( $post_type, $post_edit_caps );
}
// end of get_custom_post_type_caps()
private function _get_all_custom_post_types_caps() {
$post_edit_caps = $this->lib->get_edit_post_capabilities();
$post_types = get_post_types( array(), 'objects' );
$_post_types = $this->lib->_get_post_types();
$built_in_pt = array('post', 'page');
if ( $post_types['attachment']->cap->edit_posts=='edit_posts') {
$built_in_pt[] = 'attachment';
}
$this->cpt_caps = array();
foreach( $post_types as $post_type ) {
if ( !isset( $_post_types[$post_type->name] ) ) {
continue;
}
if ( in_array( $post_type->name, $built_in_pt ) ) {
continue;
}
if ( !isset( $post_type->cap ) ) {
continue;
}
$this->get_custom_post_type_caps( $post_type, $post_edit_caps );
}
return $this->cpt_caps;
}
// end of _get_all_custom_post_types_capabilities()
private function get_groups_for_custom_cap( $cap_id ) {
$ure_caps = URE_Own_Capabilities::get_caps_groups();
if ( isset( $ure_caps[$cap_id] ) ) {
$groups1 = $ure_caps[$cap_id];
}
if ( empty( $groups1 ) ) {
$wc_caps = URE_Woocommerce_Capabilities::get_caps_groups();
if ( isset($wc_caps[$cap_id] ) ) {
$groups1 = $wc_caps[$cap_id];
}
}
if ( isset( $this->cpt_caps[$cap_id] ) ) {
$groups2 = $this->cpt_caps[$cap_id];
}
$groups = array('custom');
if ( !empty( $groups1 ) ) {
$groups = ure_array_merge( $groups, $groups1 );
}
if ( !empty( $groups2 ) ) {
$groups = ure_array_merge( $groups, $groups2 );
}
return $groups;
}
// end of get_groups_for_custom_cap()
public function get_cap_groups( $cap_id, $built_in_wp_caps=null ) {
if ( isset( $this->built_in_wp_caps[$cap_id] ) ) {
$groups = $built_in_wp_caps[$cap_id];
} else {
$groups = $this->get_groups_for_custom_cap( $cap_id );
}
$groups = apply_filters('ure_custom_capability_groups', $groups, $cap_id );
$groups[] = 'all'; // Every capability belongs to the 'all' group
$groups = array_unique( $groups );
foreach( $groups as $key=>$value ) {
$groups[$key] = 'ure-'. $value;
}
return $groups;
}
// end of get_cap_groups()
/**
* Prevent cloning of the instance of the *Singleton* instance.
*
* @return void
*/
public function __clone() {
throw new \Exception('Do not clone a singleton instance.');
}
// end of __clone()
/**
* Prevent unserializing of the *Singleton* instance.
*
* @return void
*/
public function __wakeup() {
throw new \Exception('Do not unserialize a singleton instance.');
}
// end of __wakeup()
}
// end of class URE_Capabilities_Groups_Manager

461
wp/wp-content/plugins/user-role-editor/includes/classes/capabilities.php Normal file
View File

@@ -0,0 +1,461 @@
<?php
/**
* Class to prepare full user capabilities list for URE editor
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulia <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2021, Vladimir Garagulia
**/
class URE_Capabilities {
private static $instance = null;
private $lib = null;
private $built_in_wp_caps = null;
public static function get_instance() {
if ( self::$instance === null ) {
// new static() will work too
self::$instance = new URE_Capabilities();
}
return self::$instance;
}
// end of get_instance()
private function __construct() {
$this->lib = URE_Lib::get_instance();
$this->built_in_wp_caps = $this->lib->get_built_in_wp_caps();
}
// end of __construct()
protected function convert_cap_to_readable( $cap_name ) {
$cap_name = str_replace('_', ' ', $cap_name);
$cap_name = ucfirst($cap_name);
return $cap_name;
}
// convert_cap_to_readable
protected function add_capability_to_full_caps_list( $cap_id, &$full_list ) {
if ( isset( $full_list[$cap_id] ) ) { // if capability was added already
return;
}
$cap = array();
$cap['inner'] = $cap_id;
$cap['human'] = esc_html__( $this->convert_cap_to_readable( $cap_id ) , 'user-role-editor' );
if ( isset( $this->built_in_wp_caps[$cap_id] ) ) {
$cap['wp_core'] = true;
} else {
$cap['wp_core'] = false;
}
$full_list[$cap_id] = $cap;
}
// end of add_capability_to_full_caps_list()
/**
* Add capabilities from user roles save at WordPress database
*
*/
protected function add_roles_caps( &$full_list ) {
$roles = $this->lib->get_user_roles();
foreach ( $roles as $role ) {
// validate if capabilities is an array
if ( !isset( $role['capabilities'] ) || !is_array( $role['capabilities'] ) ) {
continue;
}
foreach ( array_keys( $role['capabilities'] ) as $cap ) {
$this->add_capability_to_full_caps_list( $cap, $full_list );
}
}
}
// end of add_roles_caps()
/**
* Add Gravity Forms plugin capabilities, if available
*
*/
protected function add_gravity_forms_caps( &$full_list ) {
if ( !class_exists( 'GFCommon' ) ) {
return;
}
$gf_caps = GFCommon::all_caps();
foreach ( $gf_caps as $gf_cap ) {
$this->add_capability_to_full_caps_list( $gf_cap, $full_list );
}
}
// end of add_gravity_forms_caps()
/**
* Add bbPress plugin user capabilities (if available)
*/
protected function add_bbpress_caps( &$full_list ) {
$bbpress = $this->lib->get_bbpress();
if ( !$bbpress->is_active() ) {
return;
}
$caps = $bbpress->get_caps();
foreach ( $caps as $cap ) {
$this->add_capability_to_full_caps_list( $cap, $full_list );
}
}
// end of add_bbpress_caps()
/**
* Provide compatibility with plugins and themes which define their custom user capabilities using
* 'members_get_capabilities' filter from Justin Tadlock Members plugin
* https://wordpress.org/plugins/members/
*
*/
protected function add_members_caps( &$full_list ) {
$custom_caps = array();
$custom_caps = apply_filters( 'members_get_capabilities', $custom_caps );
foreach ( $custom_caps as $cap ) {
$this->add_capability_to_full_caps_list( $cap, $full_list );
}
}
// end of add_members_caps()
/**
* Add capabilities assigned directly to user, and not included into any role
*
*/
protected function add_user_caps( &$full_list ) {
$editor = URE_Editor::get_instance();
$user = $editor->get('user_to_edit');
$roles = $editor->get('roles');
foreach( array_keys( $user->caps ) as $cap ) {
if ( !isset( $roles[$cap] ) ) { // it is the user capability, not role
$this->add_capability_to_full_caps_list( $cap, $full_list );
}
}
}
// end of add_user_caps()
/**
* Add built-in WordPress caps in case some of them were not included to the roles for some reason
*
*/
protected function add_wordpress_caps( &$full_list ) {
foreach ( array_keys( $this->built_in_wp_caps ) as $cap ) {
$this->add_capability_to_full_caps_list( $cap, $full_list );
}
}
// end of add_wordpress_caps()
protected function add_create_cap_to_admin( $post_type_name ) {
global $wp_roles;
$post_type = get_post_type_object( $post_type_name );
if ( $post_type->cap->create_posts!=='edit_'. $post_type->name .'s' ) { // 'create' capability is active
if ( !isset( $wp_roles->role_objects['administrator']->capabilities[$post_type->cap->create_posts] ) ) {
$wp_roles->role_objects['administrator']->add_cap( $post_type->cap->create_posts, true );
}
}
}
// end of add_create_caps_to_admin()
public static function add_cap_to_roles( $roles, $cap ) {
if ( !is_array( $roles ) || count( $roles )==0 ) {
return;
}
$wp_roles = wp_roles();
foreach( $roles as $role ) {
if ( isset( $wp_roles->role_objects[$role] ) &&
!isset( $wp_roles->role_objects[$role]->capabilities[$cap] ) ) {
$wp_roles->role_objects[$role]->add_cap( $cap, true );
}
}
}
// end of add_cap_to_roles()
protected function add_custom_post_type_caps( &$full_list ) {
$multisite = $this->lib->get( 'multisite' );
// admin should be capable to edit any posts
$cpt_editor_roles0 = !$multisite ? array('administrator') : array();
$capabilities = $this->lib->get_edit_post_capabilities();
$post_types = get_post_types( array(), 'objects' );
$_post_types = $this->lib->_get_post_types();
// do not forget attachment post type as it may use the own capabilities set
$attachment_post_type = get_post_type_object( 'attachment' );
if ( $attachment_post_type->cap->edit_posts!=='edit_posts' ) {
$post_types['attachment'] = $attachment_post_type;
}
foreach( $post_types as $post_type ) {
if ( !isset( $_post_types[$post_type->name] ) ) {
continue;
}
if ( !isset($post_type->cap) ) {
continue;
}
$cpt_editor_roles = apply_filters( 'ure_cpt_editor_roles', $cpt_editor_roles0, $post_type->name );
foreach( $capabilities as $capability ) {
if ( !isset( $post_type->cap->$capability ) ) {
continue;
}
$cap_to_check = $post_type->cap->$capability;
$this->add_capability_to_full_caps_list( $cap_to_check, $full_list );
self::add_cap_to_roles( $cpt_editor_roles, $cap_to_check );
}
}
$wp_roles = wp_roles();
if ( !$multisite && isset( $wp_roles->role_objects['administrator'] ) ) {
// admin should be capable to create posts and pages
foreach( array( 'post', 'page' ) as $post_type_name ) {
$this->add_create_cap_to_admin( $post_type_name );
}
}
}
// end of add_custom_post_type_caps()
protected function add_custom_taxonomies_caps( &$full_list ) {
$taxonomies = $this->lib->get_custom_taxonomies( 'objects' );
if ( empty( $taxonomies ) ) {
return;
}
$multisite = $this->lib->get( 'multisite' );
// admin should be capable to edit any taxonomy
$cpt_editor_roles0 = !$multisite ? array('administrator') : array();
$caps_to_check = array('manage_terms', 'edit_terms', 'delete_terms', 'assign_terms');
foreach( $taxonomies as $taxonomy ) {
$cpt_editor_roles = apply_filters( 'ure_cpt_editor_roles', $cpt_editor_roles0, $taxonomy->name );
foreach( $caps_to_check as $capability ) {
$cap_to_check = $taxonomy->cap->$capability;
$this->add_capability_to_full_caps_list( $cap_to_check, $full_list );
self::add_cap_to_roles( $cpt_editor_roles, $cap_to_check );
}
}
}
// end of add_custom_taxonomies_caps()
/**
* Add capabilities for URE permissions system in case some were excluded from Administrator role
*
*/
protected function add_ure_caps( &$full_list ) {
$key_cap = URE_Own_Capabilities::get_key_capability();
if ( !current_user_can( $key_cap ) ) {
return;
}
$ure_caps = URE_Own_Capabilities::get_caps();
foreach(array_keys($ure_caps) as $cap) {
$this->add_capability_to_full_caps_list( $cap, $full_list );
}
}
// end of add_ure_caps()
// Under the single site WordPress installation administrator role should have all existing capabilities included
protected function grant_all_caps_to_admin( $full_list ) {
$multisite = $this->lib->get( 'multisite' );
if ( $multisite ) {
// There is a superadmin user under WP multisite, so single site administrator role may do not have full list of capabilities.
return;
}
$wp_roles = wp_roles();
if ( !isset( $wp_roles->role_objects['administrator'] ) ) {
return;
}
// Use this filter as the last chance to stop this
$grant = apply_filters('ure_grant_all_caps_to_admin', true );
if ( empty( $grant) ) {
return;
}
$admin_role = $wp_roles->role_objects['administrator'];
$updated = false;
foreach( $full_list as $capability ) {
$cap = $capability['inner'];
if ( !$admin_role->has_cap( $cap ) ) {
$admin_role->add_cap( $cap );
$updated = true;
}
}
if ( $updated ) { // Flush the changes to the database
$use_db = $wp_roles->use_db;
$wp_roles->use_db = true;
$admin_role->add_cap('read'); // administrator always should can 'read'
$wp_roles->use_db = $use_db;
}
}
// end of grant_all_caps_to_admin()
public function init_full_list( $ure_object ) {
$full_list = array();
$this->add_roles_caps( $full_list );
$this->add_gravity_forms_caps( $full_list );
$this->add_bbpress_caps( $full_list );
$this->add_members_caps( $full_list );
if ($ure_object=='user') {
$this->add_user_caps( $full_list );
}
$this->add_wordpress_caps( $full_list );
$this->add_custom_post_type_caps( $full_list );
$this->add_custom_taxonomies_caps( $full_list );
$this->add_ure_caps( $full_list );
asort( $full_list );
$full_list = apply_filters('ure_full_capabilites', $full_list );
$this->grant_all_caps_to_admin( $full_list );
return $full_list;
}
// end of init_full_list();
/**
* Build full capabilities list from all roles
*/
private function get_full_caps_list_from_roles() {
$wp_roles = wp_roles();
// build full capabilities list from all roles
$full_caps_list = array();
foreach ( $wp_roles->roles as $role ) {
// validate if capabilities is an array
if ( isset( $role['capabilities'] ) && is_array( $role['capabilities'] ) ) {
foreach ( $role['capabilities'] as $capability => $value ) {
if ( !isset( $full_caps_list[$capability] ) ) {
$full_caps_list[$capability] = true;
}
}
}
}
return $full_caps_list;
}
// end of get_full_caps_list_from_roles()
/**
* Returns array of WPBakery Visual Composer plugin capabilities
* extracted by 'vc_access_rules_' prefix
*/
protected function get_visual_composer_caps($full_caps_list) {
$caps = array();
foreach( array_keys( $full_caps_list ) as $cap ) {
if ( strpos( $cap, 'vc_access_rules_')!==false ) {
$caps[$cap] = 1;
}
}
return $caps;
}
// end of get_visual_composer_caps()
/**
* return the array of unused user capabilities
*
* @global WP_Roles $wp_roles
* @return array
*/
public function get_caps_to_remove() {
$wp_roles = wp_roles();
$full_caps_list = $this->get_full_caps_list_from_roles();
$caps_to_exclude = $this->built_in_wp_caps;
$ure_caps = URE_Own_Capabilities::get_caps();
$visual_composer_caps = $this->get_visual_composer_caps($full_caps_list);
$caps_to_exclude = ure_array_merge($caps_to_exclude, $ure_caps, $visual_composer_caps);
$caps_to_remove = array();
$caps = array_keys( $full_caps_list );
foreach ( $caps as $cap ) {
if ( isset( $caps_to_exclude[$cap] ) ) { // do not touch built-in WP caps, URE own caps and Visual Composer caps
continue;
}
// check roles
$cap_in_use = false;
foreach ( $wp_roles->role_objects as $wp_role ) {
if ( $wp_role->name === 'administrator' ) {
continue;
}
if ( $wp_role->has_cap( $cap ) ) {
$cap_in_use = true;
break;
}
}
if ( !$cap_in_use ) {
$caps_to_remove[$cap] = 1;
}
} // foreach(...)
return $caps_to_remove;
}
// end of get_caps_to_remove()
/**
* Prevent cloning of the instance of the *Singleton* instance.
*
* @return void
*/
public function __clone() {
throw new \Exception('Do not clone a singleton instance.');
}
// end of __clone()
/**
* Prevent unserializing of the *Singleton* instance.
*
* @return void
*/
public function __wakeup() {
throw new \Exception('Do not unserialize a singleton instance.');
}
// end of __wakeup()
}
// end of URE_Capabilities class

240
wp/wp-content/plugins/user-role-editor/includes/classes/capability.php Normal file
View File

@@ -0,0 +1,240 @@
<?php
/**
* Class to work with user capability
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulya <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2021, Vladimir Garagulya
**/
class URE_Capability {
public static function escape( $cap_id ) {
$search = array(' ', '/', '|', '{', '}', '$');
$replace = array('_', '_', '_', '_', '_', '_');
$cap_id_esc = str_replace( $search, $replace, $cap_id );
return $cap_id_esc;
}
// end escape()
// Sanitize user input for security
// do not allow to use internally used capabilities
public static function validate( $cap_id_raw ) {
$match = array();
$found = preg_match('/[A-Za-z0-9_\-]*/', $cap_id_raw, $match );
if ( !$found || ($found && ( $match[0]!=$cap_id_raw ) ) ) { // some non-alphanumeric charactes found!
$data = array(
'result'=>false,
'message'=>esc_html__('Error: Capability name must contain latin characters and digits only!', 'user-role-editor'),
'cap_id'=>''
);
return $data;
}
$cap_id = strtolower( $match[0] );
if ( $cap_id=='do_not_allow' ) {
$data = array(
'result'=>false,
'message'=>esc_html__('Error: this capability is used internally by WordPress', 'user-role-editor'),
'cap_id'=>'do_not_allow'
);
return $data;
}
if ( $cap_id=='administrator' ) {
$data = array(
'result'=>false,
'message'=>esc_html__('Error: this word is used by WordPress as a role ID', 'user-role-editor'),
'cap_id'=>'administrator'
);
return $data;
}
$data = array(
'result'=>true,
'message'=>'Success',
'cap_id'=>$cap_id
);
return $data;
}
// end of validate()
/**
* Add new user capability
*
* @global WP_Roles $wp_roles
* @return string
*/
public static function add( $ure_object ) {
global $wp_roles;
$response = array(
'result'=>'error',
'capability_id'=>'',
'html'=>'',
'message'=>''
);
if ( !current_user_can( 'ure_create_capabilities' ) ) {
$response['message'] = esc_html__( 'Insufficient permissions to work with User Role Editor', 'user-role-editor' );
return $response;
}
$mess = '';
if ( !isset( $_POST['capability_id'] ) || empty( $_POST['capability_id'] ) ) {
$response['message'] = esc_html__( 'Wrong Request', 'user-role-editor' );
return $response;
}
$data = self::validate( $_POST['capability_id'] );
if ( !$data['result'] ) {
$response['message'] = $data['message'];
return $response;
}
$cap_id = $data['cap_id'];
$lib = URE_Lib::get_instance();
$full_capabilities = $lib->init_full_capabilities( $ure_object );
if ( !isset( $full_capabilities[$cap_id] ) ) {
$admin_role = $lib->get_admin_role();
$use_db = $wp_roles->use_db;
$wp_roles->use_db = true;
$wp_roles->add_cap( $admin_role, $cap_id );
$wp_roles->use_db = $use_db;
$response['result'] = 'success';
$response['message'] = sprintf( esc_html__( 'Capability %s was added successfully', 'user-role-editor' ), $cap_id );
} else {
$response['message'] = sprintf( esc_html__( 'Capability %s exists already', 'user-role-editor' ), $cap_id );
}
return $response;
}
// end of add()
/**
* Extract capabilities selected for deletion from the $_POST global
*
* @return array
*/
private static function get_caps_for_deletion_from_post( $caps_allowed_to_remove ) {
if ( isset( $_POST['values'] ) ) {
$input_buff = $_POST['values'];
} else {
$input_buff = $_POST;
}
$caps = array();
foreach( $input_buff as $key=>$value ) {
if ( substr( $key, 0, 3 )!=='rm_' ) {
continue;
}
if ( !isset( $caps_allowed_to_remove[$value]) ) {
continue;
}
$caps[] = $value;
}
return $caps;
}
// end of get_caps_for_deletion_from_post()
private static function revoke_caps_from_user( $user_id, $caps ) {
$user = get_user_to_edit( $user_id );
foreach( $caps as $cap_id ) {
if ( !isset( $user->caps[$cap_id] ) ) {
continue;
}
// Prevent sudden revoke role 'administrator' from a user during 'administrator' capability deletion.
if ( $cap_id=='administrator') {
continue;
}
$user->remove_cap( $cap_id );
}
}
// end of revoke_caps_from_user()
private static function revoke_caps_from_role( $wp_role, $caps ) {
foreach( $caps as $cap_id ) {
if ( $wp_role->has_cap( $cap_id ) ) {
$wp_role->remove_cap( $cap_id );
}
}
}
// end of revoke_caps_from_role()
private static function revoke_caps( $caps ) {
global $wpdb, $wp_roles;
// remove caps from users
$users_ids = $wpdb->get_col("SELECT $wpdb->users.ID FROM $wpdb->users");
foreach ( $users_ids as $user_id ) {
self::revoke_caps_from_user( $user_id, $caps );
}
// remove caps from roles
foreach ( $wp_roles->role_objects as $wp_role ) {
self::revoke_caps_from_role( $wp_role, $caps );
}
}
// end of revoke_caps()
/**
* Delete capability
*
* @global WP_Roles $wp_roles
* @return string - information message
*/
public static function delete() {
if ( !current_user_can( 'ure_delete_capabilities' ) ) {
return esc_html__( 'Insufficient permissions to work with User Role Editor','user-role-editor' );
}
$capabilities = URE_Capabilities::get_instance();
$mess = '';
$caps_allowed_to_remove = $capabilities->get_caps_to_remove();
if ( !is_array( $caps_allowed_to_remove ) || count( $caps_allowed_to_remove )==0 ) {
return esc_html__( 'There are no capabilities available for deletion!', 'user-role-editor' );
}
$caps = self::get_caps_for_deletion_from_post( $caps_allowed_to_remove );
if ( empty( $caps ) ) {
return esc_html__( 'There are no capabilities available for deletion!', 'user-role-editor' );
}
self::revoke_caps( $caps );
if ( count( $caps )==1 ) {
$mess = sprintf( esc_html__( 'Capability %s was removed successfully', 'user-role-editor' ), $caps[0] );
} else {
$lib = URE_Lib::get_instance();
$short_list_str = $lib->get_short_list_str( $caps );
$mess = count( $caps ) .' '. esc_html__( 'capabilities were removed successfully', 'user-role-editor' ) .': '.
$short_list_str;
}
// Escape every capability ID to remove from the HTML markup related div by ID
$esc_caps = array();
foreach( $caps as $key=>$cap ) {
$esc_caps[$key] = self::escape( $cap );
}
return array('message'=>$mess, 'deleted_caps'=>$esc_caps);
}
// end of delete()
}
// end of class URE_Capability

1646
wp/wp-content/plugins/user-role-editor/includes/classes/editor.php Normal file
View File

File diff suppressed because it is too large Load Diff

495
wp/wp-content/plugins/user-role-editor/includes/classes/grant-roles.php Normal file
View File

@@ -0,0 +1,495 @@
<?php
/**
* Project: User Role Editor plugin
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://www.role-editor.com
* License: GPL v2+
*
* Assign multiple roles to the list of selected users directly from the "Users" page
* Grant/Revoke single role to/from selected users
*/
class URE_Grant_Roles {
const NO_ROLE_FOR_THIS_SITE = 'no-role-for-this-site';
private $lib = null;
private static $counter = 0;
public function __construct() {
$this->lib = URE_Lib::get_instance();
add_action( 'load-users.php', array( $this, 'load' ) );
}
// end of __construct()
public function load() {
add_action('restrict_manage_users', array($this, 'show_roles_manage_html') );
add_action('admin_head', array(User_Role_Editor::get_instance(), 'add_css_to_users_page') );
add_action('admin_enqueue_scripts', array($this, 'load_js') );
$this->update_roles();
}
// end of load()
private static function validate_users($users) {
if (!is_array($users)) {
return false;
}
foreach ($users as $user_id) {
if (!is_numeric($user_id)) {
return false;
}
if ( !current_user_can( 'promote_user', $user_id ) ) {
return false;
}
if ( is_multisite() && !is_user_member_of_blog( $user_id ) ) {
return false;
}
}
return true;
}
// end of validate_users()
private function add_role( $users ) {
if ( !empty( $_REQUEST['ure_add_role'] ) ) {
$role = $_REQUEST['ure_add_role'];
} else {
$role = $_REQUEST['ure_add_role_2'];
}
if ( !self::validate_roles( array($role=>$role) ) ) {
return;
}
$done = false;
foreach( $users as $user_id ) {
$user = get_user_by( 'id', $user_id );
if (empty( $user ) ) {
continue;
}
if ( empty($user->roles) || !in_array( $role, $user->roles ) ) {
$user->add_role( $role );
$done = true;
}
}
if ( $done ) {
// Redirect to the users screen.
if ( wp_redirect( add_query_arg( 'update', 'promote', 'users.php' ) ) ) {
exit;
}
}
}
// end of add_role()
private function is_try_remove_admin_from_himself( $user_id, $role) {
$result = false;
$current_user = wp_get_current_user();
$wp_roles = wp_roles();
$role_caps = array_keys( $wp_roles->roles[$role]['capabilities'] );
$is_current_user = ( $user_id == $current_user->ID );
$role_can_promote = in_array('promote_users', $role_caps);
$can_manage_network = is_multisite() && current_user_can( 'manage_network_users' );
// If the removed role has the `promote_users` cap and user is removing it from himself
if ( $is_current_user && $role_can_promote && !$can_manage_network ) {
$result = true;
// Loop through the current user's roles.
foreach ($current_user->roles as $_role) {
$_role_caps = array_keys( $wp_roles->roles[$_role]['capabilities'] );
// If the current user has another role that can promote users, it's safe to remove the role. Else, the current user should to keep this role.
if ( ($role!==$_role) && in_array( 'promote_users', $_role_caps ) ) {
$result = false;
break;
}
}
}
return $result;
}
private function revoke_role( $users ) {
if ( !empty( $_REQUEST['ure_revoke_role'] ) ) {
$role = $_REQUEST['ure_revoke_role'];
} else {
$role = $_REQUEST['ure_revoke_role_2'];
}
if ( !self::validate_roles( array($role=>$role) ) ) {
return;
}
$done = false;
foreach( $users as $user_id ) {
$user = get_user_by( 'id', $user_id );
if (empty( $user ) ) {
continue;
}
if ($this->is_try_remove_admin_from_himself( $user_id, $role ) ) {
continue;
}
if ( is_array($user->roles) && in_array( $role, $user->roles ) ) {
$user->remove_role( $role );
$done = true;
}
}
if ( $done ) {
if ( wp_redirect( add_query_arg( 'update', 'promote', 'users.php' ) ) ) {
exit;
}
}
}
// end of revoke_role()
private function update_roles() {
if ( empty( $_REQUEST['users'] ) ) {
return;
}
if ( !current_user_can('promote_users') ) {
return;
}
$users = (array) $_REQUEST['users'];
if ( !self::validate_users( $users ) ) {
return;
}
if ( ( !empty( $_REQUEST['ure_add_role'] ) && !empty( $_REQUEST['ure_add_role_submit']) ) ||
( !empty( $_REQUEST['ure_add_role_2'] ) && !empty( $_REQUEST['ure_add_role_submit_2'] ) ) ) {
$this->add_role( $users );
} else if ( ( !empty( $_REQUEST['ure_revoke_role'] ) && !empty( $_REQUEST['ure_revoke_role_submit'] ) ) ||
( !empty( $_REQUEST['ure_revoke_role_2'] ) && !empty( $_REQUEST['ure_revoke_role_submit_2'] ) ) ) {
$this->revoke_role( $users );
}
}
// end of update_roles()
private static function validate_roles($roles) {
if (!is_array($roles)) {
return false;
}
$lib = URE_Lib::get_instance();
$editable_roles = $lib->get_all_editable_roles();
$valid_roles = array_keys($editable_roles);
foreach($roles as $role) {
if (!in_array($role, $valid_roles)) {
return false;
}
}
return true;
}
// end of validate_roles()
private static function grant_primary_role_to_user($user_id, $role) {
$user = get_user_by('id', $user_id);
if (empty($user)) {
return;
}
if ($role===self::NO_ROLE_FOR_THIS_SITE) {
$role = '';
}
$old_roles = $user->roles; // Save currently granted roles to restore from them the bbPress roles later if there are any...
$user->set_role($role);
$lib = URE_Lib::get_instance();
$bbpress = $lib->get('bbpress');
if (empty($bbpress)) {
return;
}
$bbp_roles = $bbpress->extract_bbp_roles($old_roles);
if (count($bbp_roles)>0) { // restore bbPress roles
foreach($bbp_roles as $role) {
$user->add_role($role);
}
}
}
// end of grant_primary_role_to_user()
private static function grant_other_roles_to_user($user_id, $roles) {
$user = get_user_by('id', $user_id);
if (empty($user)) {
return;
}
$roles_list = array_values( $user->roles );
$primary_role = array_shift( $roles_list ); // Get the 1st element from the roles array
$lib = URE_Lib::get_instance();
$bbpress = $lib->get( 'bbpress' );
if ( empty( $bbpress ) ) {
$bbp_roles = array();
} else {
$bbp_roles = $bbpress->extract_bbp_roles( $user->roles );
}
$user->remove_all_caps();
$roles2 = ure_array_merge( array( $primary_role ), $bbp_roles, $roles );
foreach( $roles2 as $role ) {
$user->add_role( $role );
}
}
// end of grant_other_roles_to_user()
/**
* Decide if primary role should be granted or left as it is
*
* @param string $primary_role
* @return boolean
*/
private static function is_select_primary_role($primary_role) {
if (empty($primary_role)) {
return false; // Primary role was not selected by user, leave an older one
}
$lib = URE_Lib::get_instance();
if ($lib->is_super_admin()) {
$select_primary_role = true;
} else {
$select_primary_role = apply_filters('ure_users_select_primary_role', true);
}
return $select_primary_role;
}
// end of is_select_primary_role()
public static function grant_roles() {
if ( !current_user_can('promote_users') ) {
$answer = array('result'=>'error', 'message'=>esc_html__('Not enough permissions', 'user-role-editor'));
return $answer;
}
$users = $_POST['users'];
if (!self::validate_users($users)) {
$answer = array('result'=>'error', 'message'=>esc_html__('Can not edit user or invalid data at the users list', 'user-role-editor'));
return $answer;
}
// Primary role
$primary_role = $_POST['primary_role'];
if (!empty($primary_role) && ($primary_role!==self::NO_ROLE_FOR_THIS_SITE) &&
!self::validate_roles(array($primary_role=>$primary_role))) {
$answer = array('result'=>'error', 'message'=>esc_html__('Invalid primary role', 'user-role-editor'));
return $answer;
}
if (self::is_select_primary_role($primary_role)) {
foreach ($users as $user_id) {
self::grant_primary_role_to_user($user_id, $primary_role);
}
}
// Other roles
$other_roles = isset($_POST['other_roles']) ? $_POST['other_roles'] : null;
if (!empty($other_roles) && !self::validate_roles($other_roles)) {
$answer = array('result'=>'error', 'message'=>esc_html__('Invalid data at the other roles list', 'user-role-editor'));
return $answer;
}
if (!empty($other_roles)) {
foreach($users as $user_id) {
self::grant_other_roles_to_user($user_id, $other_roles);
}
}
$answer = array('result'=>'success', 'message'=>esc_html__('Roles were granted to users successfully', 'user-role-editor'));
return $answer;
}
// end of grant_roles()
public static function get_user_roles() {
if ( !current_user_can( 'promote_users' ) ) {
$answer = array('result'=>'error', 'message'=>esc_html__('Not enough permissions', 'user-role-editor'));
return $answer;
}
$lib = URE_Lib::get_instance();
$user_id = (int) $lib->get_request_var('user_id', 'post', 'int');
if (empty($user_id)) {
$answer = array('result'=>'error', 'message'=>esc_html__('Wrong request, valid user ID was missed', 'user-role-editor'));
return $answer;
}
$user = get_user_by('id', $user_id);
if (empty($user)) {
$answer = array('result'=>'error', 'message'=>esc_html__('Requested user does not exist', 'user-role-editor'));
return $answer;
}
$other_roles = array_values($user->roles);
$primary_role = array_shift($other_roles);
$answer = array('result'=>'success', 'primary_role'=>$primary_role, 'other_roles'=>$other_roles, 'message'=>'User roles were sent');
return $answer;
}
// end of get_user_roles()
private function select_primary_role_html() {
$select_primary_role = apply_filters('ure_users_select_primary_role', true);
if (!$select_primary_role && !$this->lib->is_super_admin()) {
return;
}
?>
<span style="font-weight: bold;">
<?php esc_html_e('Primary Role: ', 'role-editor');?>
</span>
<select name="primary_role" id="primary_role">
<?php
// print the full list of roles with the primary one selected.
wp_dropdown_roles('');
echo '<option value="'. self::NO_ROLE_FOR_THIS_SITE .'">' . esc_html__('&mdash; No role for this site &mdash;') . '</option>'. PHP_EOL;
?>
</select>
<hr/>
<?php
}
// end of select_primary_role_html()
private function select_other_roles_html() {
?>
<div id="other_roles_container">
<span style="font-weight: bold;">
<?php
esc_html_e('Other Roles: ', 'role-editor');
?>
</span><br>
<?php
$show_admin_role = $this->lib->show_admin_role_allowed();
$roles = $this->lib->get_all_editable_roles();
foreach ($roles as $role_id => $role) {
if (!$show_admin_role && $role_id=='administrator') {
continue;
}
echo '<label for="wp_role_' . $role_id . '"><input type="checkbox" id="wp_role_' . $role_id .
'" name="ure_roles[]" value="' . $role_id . '" />&nbsp;' .
esc_html__($role['name'], 'user-role-editor') .' ('. $role_id .')</label><br />'. PHP_EOL;
}
?>
</div>
<?php
}
// end of select_other_roles_html()
private function get_roles_options_list() {
ob_start();
wp_dropdown_roles();
$output = ob_get_clean();
return $output;
}
// end of get_roles_options_list()
public function show_roles_manage_html() {
if ( !current_user_can( 'promote_users' ) ) {
return;
}
$button_number = (self::$counter>0) ? '_2': '';
$roles_options_list = self::get_roles_options_list();
?>
&nbsp;&nbsp;
<input type="button" name="ure_grant_roles<?php echo $button_number;?>" id="ure_grant_roles<?php echo $button_number;?>" class="button"
value="<?php esc_html_e('Grant Roles', 'user-role-editor');?>">
&nbsp;&nbsp;
<label class="screen-reader-text" for="ure_add_role<?php echo $button_number;?>"><?php esc_html_e( 'Add role&hellip;', 'user-role-editor' ); ?></label>
<select name="ure_add_role<?php echo $button_number;?>" id="ure_add_role<?php echo $button_number;?>" style="display: inline-block; float: none;">
<option value=""><?php esc_html_e( 'Add role&hellip;', 'user-role-editor' ); ?></option>
<?php echo $roles_options_list; ?>
</select>
<?php submit_button( esc_html__( 'Add', 'user-role-editor' ), 'secondary', 'ure_add_role_submit'.$button_number, false ); ?>
&nbsp;&nbsp;
<label class="screen-reader-text" for="ure_revoke_role<?php echo $button_number;?>"><?php esc_html_e( 'Revoke role&hellip;', 'user-role-editor' ); ?></label>
<select name="ure_revoke_role<?php echo $button_number;?>" id="ure_revoke_role<?php echo $button_number;?>" style="display: inline-block; float: none;">
<option value=""><?php esc_html_e( 'Revoke role&hellip;', 'user-role-editor' ); ?></option>
<?php echo $roles_options_list; ?>
</select>
<?php submit_button( esc_html__( 'Revoke', 'user-role-editor' ), 'secondary', 'ure_revoke_role_submit'.$button_number, false ); ?>
<?php
if (self::$counter==0) {
?>
<div id="ure_grant_roles_dialog" class="ure-dialog">
<div id="ure_grant_roles_content">
<?php
$this->select_primary_role_html();
$this->select_other_roles_html();
?>
</div>
</div>
<?php
URE_View::output_task_status_div();
self::$counter++;
}
}
// end of show_grant_roles_html()
public function load_js() {
$show_wp_change_role = apply_filters('ure_users_show_wp_change_role', true);
wp_enqueue_script('jquery-ui-dialog', '', array('jquery-ui-core','jquery-ui-button', 'jquery'), false, true );
wp_register_script('ure-users-grant-roles', plugins_url('/js/users-grant-roles.js', URE_PLUGIN_FULL_PATH ), array(), URE_VERSION, true );
wp_enqueue_script('ure-users-grant-roles');
wp_localize_script('ure-users-grant-roles', 'ure_users_grant_roles_data', array(
'wp_nonce' => wp_create_nonce('user-role-editor'),
'dialog_title'=> esc_html__('Grant roles to selected users', 'user-role-editor'),
'select_users_first' => esc_html__('Select users to which you wish to grant roles!', 'user-role-editor'),
'select_roles_first' => esc_html__('Select role(s) which you wish to grant!', 'user-role-editor'),
'show_wp_change_role' => $show_wp_change_role ? 1: 0
));
}
// end of load_js()
}
// end of URE_Grant_Roles class

89
wp/wp-content/plugins/user-role-editor/includes/classes/known-js-css-compatibility-issues.php Normal file
View File

@@ -0,0 +1,89 @@
<?php
class URE_Known_JS_CSS_Compatibility_Issues {
public static function fix($hook_suffix, $ure_hook_suffixes) {
$ure_hook_suffixes[] = 'users.php';
$ure_hook_suffixes[] = 'profile.php';
if (!in_array($hook_suffix, $ure_hook_suffixes)) {
return;
}
self::unload_techgostore($hook_suffix);
self::unload_musicplay($hook_suffix);
self::unload_conflict_plugins_css($hook_suffix);
}
// end of fix()
/**
* Unload WP TechGoStore theme JS and CSS to exclude compatibility issues with URE
*/
private static function unload_techgostore($hook_suffix) {
if (!defined('THEME_SLUG') || THEME_SLUG !== 'techgo_') {
return;
}
wp_deregister_script('jqueryform');
wp_deregister_script('tab');
wp_deregister_script('shortcode_js');
wp_deregister_script('fancybox_js');
wp_deregister_script('bootstrap-colorpicker');
wp_deregister_script('logo_upload');
wp_deregister_script('js_wd_menu_backend');
wp_deregister_style('config_css');
wp_deregister_style('fancybox_css');
wp_deregister_style('colorpicker');
wp_deregister_style('font-awesome');
wp_deregister_style('css_wd_menu_backend');
}
// end of unload_techgostore()
/**
* Unload MusicPlay theme CSS to exclude compatibility issues with URE
*
*/
private static function unload_musicplay($hook_suffix) {
if (!in_array($hook_suffix, array('users.php', 'profile.php')) ) {
return;
}
if (defined('THEMENAME') && THEMENAME!=='MusicPlay') {
return;
}
wp_deregister_style('atpadmin');
wp_deregister_style('appointment-style');
wp_deregister_style('atp-chosen');
wp_deregister_style('atp_plupload');
wp_deregister_style('atp-jquery-timepicker-addon');
wp_deregister_style('atp-jquery-ui');
}
// end of unload_music_play()
private static function unload_conflict_plugins_css($hook_suffix) {
global $wp_styles;
if (!in_array($hook_suffix, array('users.php', 'profile.php')) ) {
return;
}
// remove conflict CSS from responsive-admin-maintenance-pro plugin
if (isset($wp_styles->registered['admin-page-css'])) {
wp_deregister_style('admin-page-css');
}
}
// end of unload_conflict_plugins_css()
}
// end of URE_Fix_Known_JS_CSS_Compatibility_Issues

590
wp/wp-content/plugins/user-role-editor/includes/classes/lib.php Normal file
View File

@@ -0,0 +1,590 @@
<?php
/*
* Stuff specific for User Role Editor WordPress plugin
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://www.role-editor.com
*
*/
/**
* This class contains general stuff for usage at WordPress plugins
*/
class URE_Lib extends URE_Base_Lib {
const TRANSIENT_EXPIRATION = 600;
protected $wp_default_role = '';
protected $advert = null;
protected $bbpress = null; // reference to the URE_bbPress class instance
protected $key_capability = ''; // Key user capability for get full access to the User Role Editor
protected $settings_capability = ''; // User capability for access to User Role Editor Settings
// when allow_edit_users_to_not_super_admin option is turned ON, we set this property to true
// when we raise single site admin permissions up to the superadmin for the 'Add new user' new-user.php page
// User_Role_Editor::allow_add_user_as_superadmin()
protected $raised_permissions = false;
// roles sorting order: false - do not sort, 'id' - by role ID, 'name' - by role name
protected $roles_sorting_order = false;
protected $debug = false;
/** class constructor
*
* @param string $options_id
*
*/
protected function __construct($options_id) {
parent::__construct($options_id);
$this->debug = defined('URE_DEBUG') && (URE_DEBUG==1 || URE_DEBUG==true);
$this->get_bbpress();
$this->upgrade();
}
// end of __construct()
public function get_bbpress() {
if ($this->bbpress===null) {
$this->bbpress = new URE_bbPress();
}
return $this->bbpress;
}
// end of get_bbpress()
public static function get_instance($options_id = '') {
if (self::$instance === null) {
if (empty($options_id)) {
throw new Exception('URE_Lib::get_instance() - Error: plugin options ID string is required');
}
// new static() will work too
self::$instance = new URE_Lib($options_id);
}
return self::$instance;
}
// end of get_instance()
protected function upgrade() {
if (!is_admin()) {
return;
}
$ure_version = $this->get_option('ure_version', '0');
if (version_compare( $ure_version, URE_VERSION, '<' ) ) {
// put version upgrade stuff here
$this->put_option('ure_version', URE_VERSION, true);
}
}
// end of upgrade()
/**
* Is this the Pro version?
* @return boolean
*/
public function is_pro() {
return false;
}
// end of is_pro()
public function set_raised_permissions($value) {
$this->raised_permissions = !empty($value) ? true : false;
}
// end of set_raised_permissions()
/**
* get options for User Role Editor plugin
* User Role Editor stores its options at the main blog/site only and applies them to the all network
*
*/
protected function init_options($options_id) {
global $wpdb;
if ($this->multisite) {
if ( ! function_exists( 'is_plugin_active_for_network' ) ) { // Be sure the function is defined before trying to use it
require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
}
$this->active_for_network = is_plugin_active_for_network(URE_PLUGIN_BASE_NAME);
}
$current_blog = $wpdb->blogid;
if ($this->multisite && $current_blog!=$this->main_blog_id) {
if ($this->active_for_network) { // plugin is active for whole network, so get URE options from the main blog
switch_to_blog($this->main_blog_id);
}
}
$this->options_id = $options_id;
$this->options = get_option($options_id);
if ($this->multisite && $current_blog!=$this->main_blog_id) {
if ($this->active_for_network) { // plugin is active for whole network, so return back to the current blog
restore_current_blog();
}
}
}
// end of init_options()
/**
* saves options array into WordPress database wp_options table
*/
public function flush_options() {
global $wpdb;
$current_blog = $wpdb->blogid;
if ($this->multisite && $current_blog!==$this->main_blog_id) {
if ($this->active_for_network) { // plugin is active for whole network, so get URE options from the main blog
switch_to_blog($this->main_blog_id); // in order to save URE options to the main blog
}
}
update_option($this->options_id, $this->options);
if ($this->multisite && $current_blog!==$this->main_blog_id) {
if ($this->active_for_network) { // plugin is active for whole network, so return back to the current blog
restore_current_blog();
}
}
}
// end of flush_options()
public function get_main_blog_id() {
return $this->main_blog_id;
}
/**
* Checks if user is allowed to use User Role Editor
*
* @param int $user_id
* @return boolean true
*/
public function user_is_admin($user_id = false) {
if (empty($user_id)) {
$user_id = get_current_user_id();
}
if ( $this->is_super_admin( $user_id ) ) {
return true;
}
$ure_key_capability = URE_Own_Capabilities::get_key_capability();
$user = get_userdata( $user_id );
$result = !empty( $user->allcaps[ $ure_key_capability ] );
return $result;
}
// end of user_is_admin()
/**
* return array with WordPress user roles
*
* @global WP_Roles $wp_roles
* @global type $wp_user_roles
* @return array
*/
public function get_user_roles() {
$bbpress = $this->get_bbpress();
if ($bbpress->is_active()) { // bbPress plugin is active
$roles = $bbpress->get_roles();
} else {
$wp_roles = wp_roles();
$roles = $wp_roles->roles;
}
return $roles;
}
// end of get_user_roles()
/**
* Respect 'editable_roles' filter, when needed
* @return array
*/
public function get_editable_user_roles( $roles = array() ) {
if ( empty( $roles ) ) {
$roles = $this->get_user_roles();
}
$bbpress = $this->get_bbpress();
if ($bbpress->is_active()) {
remove_filter('editable_roles', 'bbp_filter_blog_editable_roles');
}
$roles = apply_filters('editable_roles', $roles );
if ( $bbpress->is_active() ) {
add_filter('editable_roles', 'bbp_filter_blog_editable_roles');
}
return $roles;
}
// end of get_editable_user_roles()
/**
* return array of built-in WP capabilities (WP 3.1 wp-admin/includes/schema.php)
*
* @return array
*/
public function get_built_in_wp_caps() {
$caps_groups = URE_Capabilities_Groups_Manager::get_instance();
$caps = $caps_groups->get_built_in_wp_caps();
return $caps;
}
// end of get_built_in_wp_caps()
/**
* Return all available post types except non-public WordPress built-in post types
*
* @return array
*/
public function _get_post_types() {
$all_post_types = get_post_types();
$internal_post_types = get_post_types(array('public'=>false, '_builtin'=>true));
$post_types = array_diff($all_post_types, $internal_post_types);
return $post_types;
}
// end of _get_post_types()
public function get_edit_post_capabilities() {
$capabilities = array(
'create_posts',
'edit_posts',
'edit_published_posts',
'edit_others_posts',
'edit_private_posts',
'publish_posts',
'read_private_posts',
'delete_posts',
'delete_private_posts',
'delete_published_posts',
'delete_others_posts'
);
return $capabilities;
}
// end of get_edit_post_capabilities();
public function init_full_capabilities( $ure_object ) {
$capabilities = URE_Capabilities::get_instance();
$full_list = $capabilities->init_full_list( $ure_object );
return $full_list;
}
// end of init_full_capabilities()
public function restore_after_blog_switching($blog_id = 0) {
if (!empty($blog_id)) {
switch_to_blog($blog_id);
}
// cleanup blog switching data
$GLOBALS['_wp_switched_stack'] = array();
$GLOBALS['switched'] = ! empty( $GLOBALS['_wp_switched_stack'] );
}
// end of restore_after_blog_switching()
/**
* Returns administrator role ID
*
* @return string
*/
public function get_admin_role() {
$roles = $this->get_user_roles();
if (isset($roles['administrator'])) {
$admin_role_id = 'administrator';
} else {
// go through all roles and select one with max quant of capabilities included
$max_caps = -1;
$admin_role_id = '';
foreach(array_keys($roles) as $role_id) {
$caps = count($roles[$role_id]['capabilities']);
if ($caps>$max_caps) {
$max_caps = $caps;
$admin_role_id = $role_id;
}
}
}
return $admin_role_id;
}
// end get_admin_role()
/**
* Returns text presentation of user roles
*
* @param type $roles user roles list
* @return string
*/
public function roles_text($roles) {
global $wp_roles;
if (is_array($roles) && count($roles) > 0) {
$role_names = array();
foreach ($roles as $role) {
if (isset($wp_roles->roles[$role])) {
$role_names[] = $wp_roles->roles[$role]['name'];
} else {
$role_names[] = $role;
}
}
$output = implode(', ', $role_names);
} else {
$output = '';
}
return $output;
}
// end of roles_text()
public function about() {
if ($this->is_pro()) {
return;
}
?>
<h2>User Role Editor</h2>
<strong><?php esc_html_e('Version:', 'user-role-editor');?></strong> <?php echo URE_VERSION; ?><br/><br/>
<a class="ure_rsb_link" style="background-image:url(<?php echo URE_PLUGIN_URL . 'images/vladimir.png'; ?>);" target="_blank" href="http://www.shinephp.com/"><?php _e("Author's website", 'user-role-editor'); ?></a><br/>
<a class="ure_rsb_link" style="background-image:url(<?php echo URE_PLUGIN_URL . 'images/user-role-editor-icon.png'; ?>);" target="_blank" href="https://www.role-editor.com"><?php _e('Plugin webpage', 'user-role-editor'); ?></a><br/>
<a class="ure_rsb_link" style="background-image:url(<?php echo URE_PLUGIN_URL . 'images/user-role-editor-icon.png'; ?>);" target="_blank" href="https://www.role-editor.com/download-plugin"><?php _e('Plugin download', 'user-role-editor'); ?></a><br/>
<a class="ure_rsb_link" style="background-image:url(<?php echo URE_PLUGIN_URL . 'images/changelog-icon.png'; ?>);" target="_blank" href="https://www.role-editor.com/changelog"><?php _e('Changelog', 'user-role-editor'); ?></a><br/>
<a class="ure_rsb_link" style="background-image:url(<?php echo URE_PLUGIN_URL . 'images/faq-icon.png'; ?>);" target="_blank" href="http://www.shinephp.com/user-role-editor-wordpress-plugin/#faq"><?php _e('FAQ', 'user-role-editor'); ?></a><br/>
<?php
/*
<hr />
<div style="text-align: center;">
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="encrypted"
value="-----BEGIN PKCS7-----MIIHZwYJKoZIhvcNAQcEoIIHWDCCB1QCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYBME5QAQYFDddWBHA4YXI1x3dYmM77clH5s0CgokYnLVk0P8keOxMtYyNQo6xJs6pY1nJfE3tqNg8CZ3btJjmOUa6DsE+K8Nm6OxGHMQF45z8WAs+f/AvQWdSpPXD0eSMu9osNgmC3yv46hOT3B1J3rKkpeZzMThCdUfECqu+lluzELMAkGBSsOAwIaBQAwgeQGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIeMSZk/UuZnuAgcAort75TUUbtDhmdTi1N0tR9W75Ypuw5nBw01HkZFsFHoGezoT95c3ZesHAlVprhztPrizl1UzE9COQs+3p62a0o+BlxUolkqUT3AecE9qs9dNshqreSvmC8SOpirOroK3WE7DStUvViBfgoNAPTTyTIAKKX24uNXjfvx1jFGMQGBcFysbb3OTkc/B6OiU2G951U9R8dvotaE1RQu6JwaRgwA3FEY9d/P8M+XdproiC324nzFel5WlZ8vtDnMyuPxOgggOHMIIDgzCCAuygAwIBAgIBADANBgkqhkiG9w0BAQUFADCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wHhcNMDQwMjEzMTAxMzE1WhcNMzUwMjEzMTAxMzE1WjCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMFHTt38RMxLXJyO2SmS+Ndl72T7oKJ4u4uw+6awntALWh03PewmIJuzbALScsTS4sZoS1fKciBGoh11gIfHzylvkdNe/hJl66/RGqrj5rFb08sAABNTzDTiqqNpJeBsYs/c2aiGozptX2RlnBktH+SUNpAajW724Nv2Wvhif6sFAgMBAAGjge4wgeswHQYDVR0OBBYEFJaffLvGbxe9WT9S1wob7BDWZJRrMIG7BgNVHSMEgbMwgbCAFJaffLvGbxe9WT9S1wob7BDWZJRroYGUpIGRMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAIFfOlaagFrl71+jq6OKidbWFSE+Q4FqROvdgIONth+8kSK//Y/4ihuE4Ymvzn5ceE3S/iBSQQMjyvb+s2TWbQYDwcp129OPIbD9epdr4tJOUNiSojw7BHwYRiPh58S1xGlFgHFXwrEBb3dgNbMUa+u4qectsMAXpVHnD9wIyfmHMYIBmjCCAZYCAQEwgZQwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tAgEAMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xMTEyMTAwODU3MjdaMCMGCSqGSIb3DQEJBDEWBBSFh6YmkoVtYdMaDd5G6EN0dGcPpzANBgkqhkiG9w0BAQEFAASBgAB91K/+gsmpbKxILdCVXCkiOg1zSG+tfq2EZSNzf8z/R1E3HH8qPdm68OToILsgWohKFwE+RCwcQ0iq77wd0alnWoknvhBBoFC/U0yJ3XmA3Hkgrcu6yhVijY/Odmf6WWcz79/uLGkvBSECbjTY0GLxvhRlsh2nAioCfxAr1cFo-----END PKCS7-----">
<input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
</div>
*/
?>
<?php
}
// end of about()
public function show_admin_role_allowed() {
$show_admin_role = $this->get_option('show_admin_role', 0);
$show_admin_role = ((defined('URE_SHOW_ADMIN_ROLE') && URE_SHOW_ADMIN_ROLE==1) || $show_admin_role==1) && $this->user_is_admin();
return $show_admin_role;
}
// end of show_admin_role()
/**
* Returns true if user has a real super administrator permissions
* It takes into account $this->raised_permissions value, in order do not count a user with temporally raised permissions
* of a real superadmin under WP Multisite
* For WP Singlesite superadmin is a user with 'administrator' role only in opposite the WordPress's is_super_admin(),
* which counts as superadmin any user with 'delete_users' capability
*
* @param int $user_id
* @return boolean
*/
public function is_super_admin( $user_id = false ) {
if (empty($user_id)) {
$user = wp_get_current_user();
$user_id = $user->ID;
} else {
$user = get_userdata($user_id);
}
if (!$user || !$user->exists()) {
return false;
}
if ( $this->multisite && !$this->raised_permissions && is_super_admin( $user_id ) ) {
return true;
}
if (!$this->multisite && $this->user_has_role( $user, 'administrator' ) ) {
return true;
}
return false;
}
// end of is_super_admin()
public function user_has_role( $user, $role) {
if (empty($user)) {
return false;
}
if (!is_a($user, 'WP_User')) {
return false;
}
if (empty($user->roles)) {
return false;
}
if (!in_array( $role, $user->roles ) ) {
return false;
}
return true;
}
// end of user_has_role()
// Returns true for any capability if user is a real superadmin under WordPress Multisite
// Returns true if user has $capability assigned through the roles or directly
// Returns true if user has role with name equal $cap
public function user_has_capability($user, $cap) {
global $wp_roles;
if (!is_object($user) || !is_a( $user, 'WP_User') || empty($user->ID)) {
return false;
}
// Do not replace with $this->is_super_admin() to exclude recursion
if ($this->multisite && !$this->raised_permissions && is_super_admin($user->ID)) {
return true;
}
if (isset($user->caps[$cap])) {
return true;
}
foreach ($user->roles as $role) {
if ($role === $cap) {
return true;
}
if (!empty($wp_roles->roles[$role]['capabilities'][$cap])) {
return true;
}
}
return false;
}
// end of user_has_capability()
// create assign_role object
public function get_assign_role() {
$assign_role = new URE_Assign_Role();
return $assign_role;
}
// end of get_assign_role()
/**
* Compare if current URL path is equal to the required one
* if $path is empty, then just check if URL leads to wp-admin
* @param string $path
* @return boolean
*/
public function is_right_admin_path( $path='' ) {
$result = true;
$admin_url = admin_url( $path );
$parsed = wp_parse_url( $admin_url );
$full_path = $parsed['path'];
if ( stripos( $_SERVER['REQUEST_URI'], $full_path )===false ) {
$result = false;
}
return $result;
}
// end of is_right_admin_path()
public function is_wp_built_in_role( $role ) {
$wp_built_in_roles = array(
'administrator',
'editor',
'author',
'contributor',
'subscriber');
$result = in_array( $role, $wp_built_in_roles );
return $result;
}
// end of is_wp_built_in_role()
/*
* It's overriden in Pro version to add bbPress roles
*/
public function get_all_editable_roles() {
$roles = get_editable_roles(); // WordPress roles
if ( has_filter( 'editable_roles', array( User_Role_Editor::get_instance(), 'sort_wp_roles_list') ) ) {
// to show roles in the accending order
$roles = array_reverse( $roles );
}
return $roles;
}
// end of get_all_roles()
/*
* Wrapper to get_taxonomies() to get the custom taxonomies list
*/
public function get_custom_taxonomies( $output='names' ) {
$args = array(
'show_ui'=>true,
'public'=>true,
'_builtin'=>false
);
$taxonomies = get_taxonomies( $args, $output );
return $taxonomies;
}
// end of get_custom_taxonomies()
}
// end of URE_Lib class

160
wp/wp-content/plugins/user-role-editor/includes/classes/own-capabilities.php Normal file
View File

@@ -0,0 +1,160 @@
<?php
/**
* Class to provide the routine for the own User Role Editor user capabilities list
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulya <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2016, Vladimir Garagulya
**/
class URE_Own_Capabilities {
const URE_SETTINGS_CAP_TR = 'ure_settings_cap';
public static function get_caps() {
$lib = URE_Lib::get_instance();
$ure_caps = array(
'ure_edit_roles' => 1,
'ure_create_roles' => 1,
'ure_delete_roles' => 1,
'ure_create_capabilities' => 1,
'ure_delete_capabilities' => 1,
'ure_manage_options' => 1,
'ure_reset_roles' => 1
);
if ($lib->is_pro()) {
$ure_caps['ure_export_roles'] = 1;
$ure_caps['ure_import_roles'] = 1;
$ure_caps['ure_admin_menu_access'] = 1;
$ure_caps['ure_widgets_access'] = 1;
$ure_caps['ure_widgets_show_access'] = 1;
$ure_caps['ure_meta_boxes_access'] = 1;
$ure_caps['ure_other_roles_access'] = 1;
$ure_caps['ure_edit_posts_access'] = 1;
$ure_caps['ure_edit_gravityforms_access'] = 1;
$ure_caps['ure_plugins_activation_access'] = 1;
$ure_caps['ure_view_posts_access'] = 1;
$ure_caps['ure_front_end_menu_access'] = 1;
$ure_caps['ure_nav_menus_access'] = 1;
$multisite = $lib->get('multisite');
if ($multisite) {
$ure_caps['ure_themes_access'] = 1;
}
}
return $ure_caps;
}
// end of get_caps()
/**
* return key capability to have access to User Role Editor Plugin
*/
public static function get_key_capability() {
$lib = URE_Lib::get_instance();
$key_cap = $lib->get('key_capability');
if (!empty($key_cap)) {
return $key_cap;
}
$multisite = $lib->get('multisite');
if ( !$multisite ) {
$key_cap = URE_KEY_CAPABILITY;
} else {
$enable_simple_admin_for_multisite = $lib->get_option('enable_simple_admin_for_multisite', 0);
if ( ( defined('URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE') && URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE == 1 ) ||
$enable_simple_admin_for_multisite ) {
$key_cap = URE_KEY_CAPABILITY;
} else {
$key_cap = 'manage_network_plugins';
}
}
$lib->set('key_capability', $key_cap);
return $key_cap;
}
// end of get_key_capability()
/**
* Return user capability for the User Role Editor Settings page
*
* @return string
*/
public static function get_settings_capability() {
$lib = URE_Lib::get_instance();
$settings_cap = $lib->get('settings_capability');
if ( !empty( $settings_cap ) ) {
return $settings_cap;
}
$multisite = $lib->get('multisite');
if (!$multisite) {
$settings_cap = 'ure_manage_options';
} else {
$enable_simple_admin_for_multisite = $lib->get_option('enable_simple_admin_for_multisite', 0);
if ( ( defined('URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE' ) && URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE == 1 ) ||
$enable_simple_admin_for_multisite ) {
$settings_cap = 'ure_manage_options';
} else {
$settings_cap = self::get_key_capability();
}
}
$lib->set('settings_capability', $settings_cap );
return $settings_cap;
}
// end of get_settings_capability()
public static function init_caps() {
$wp_roles = wp_roles();
if ( !isset( $wp_roles->roles['administrator'] ) ) {
return;
}
$lib = URE_Lib::get_instance();
$multisite = $lib->get('multisite');
// Do not turn on URE caps for local administrator by default under multisite, as there is a superadmin.
$turn_on = !$multisite;
$old_use_db = $wp_roles->use_db;
$wp_roles->use_db = true;
$administrator = $wp_roles->role_objects['administrator'];
$ure_caps = self::get_caps();
foreach( array_keys( $ure_caps ) as $cap ) {
if ( !$administrator->has_cap( $cap ) ) {
$administrator->add_cap( $cap, $turn_on );
}
}
$wp_roles->use_db = $old_use_db;
}
// end of init_caps()
/**
* Return list of URE capabilities with data about groups they were included
*
* @return array
*/
public static function get_caps_groups() {
$ure_caps = self::get_caps();
$caps = array();
foreach( array_keys( $ure_caps ) as $ure_cap ) {
$caps[$ure_cap] = array('custom', 'user_role_editor');
}
return $caps;
}
// end of get_caps_groups()
}
// end of URE_Capabilities class

243
wp/wp-content/plugins/user-role-editor/includes/classes/protect-admin.php Normal file
View File

@@ -0,0 +1,243 @@
<?php
/*
* Main class of User Role Editor WordPress plugin
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://www.role-editor.com
* License: GPL v2+
*
*/
class URE_Protect_Admin {
private $lib = null;
private $user_to_check = null; // cached list of user IDs, who has Administrator role
public function __construct() {
global $pagenow;
$this->lib = URE_Lib::get_instance();
$this->user_to_check = array();
// Exclude administrator role from edit list.
add_filter('editable_roles', array($this, 'exclude_admin_role'));
if (in_array($pagenow, array('users.php', 'user-edit.php'))) {
// prohibit any actions with user who has Administrator role
add_filter('user_has_cap', array($this, 'not_edit_admin'), 10, 3);
}
// exclude users with 'Administrator' role from users list
add_action('pre_user_query', array($this, 'exclude_administrators'));
// do not show 'Administrator (s)' view above users list
add_filter('views_users', array($this, 'exclude_admins_view'));
}
// end of __construct()
// apply protection to the user edit pages only
protected function is_protection_applicable() {
global $pagenow;
$result = false;
$pages_to_block = array('profile.php', 'users.php', 'user-new.php', 'user-edit.php');
if (in_array($pagenow, $pages_to_block)) {
$result = true;
}
return $result;
}
// end of is_protection_applicable()
/**
* exclude administrator role from the roles list
*
* @param string $roles
* @return array
*/
public function exclude_admin_role( $roles ) {
if ( $this->is_protection_applicable() && isset( $roles['administrator'] ) ) {
unset( $roles['administrator'] );
}
return $roles;
}
// end of exclude_admin_role()
/**
* Check if user has "Administrator" role assigned
*
* @global wpdb $wpdb
* @param int $user_id
* @return boolean returns true is user has Role "Administrator"
*/
private function has_administrator_role($user_id) {
global $wpdb;
if (empty($user_id) || !is_numeric($user_id)) {
return false;
}
$meta_key = $wpdb->prefix .'capabilities';
$query = $wpdb->prepare(
"SELECT count(*)
FROM {$wpdb->usermeta}
WHERE user_id=%d AND meta_key=%s AND meta_value LIKE %s",
array($user_id, $meta_key, '%"administrator"%') );
$has_admin_role = $wpdb->get_var( $query );
if ($has_admin_role > 0) {
$result = true;
} else {
$result = false;
}
// cache checking result for the future use
$this->user_to_check[$user_id] = $result;
return $result;
}
// end of has_administrator_role()
/**
* We have two vulnerable queries with user id at admin interface, which should be processed
* 1st: http://blogdomain.com/wp-admin/user-edit.php?user_id=ID&wp_http_referer=%2Fwp-admin%2Fusers.php
* 2nd: http://blogdomain.com/wp-admin/users.php?action=delete&user=ID&_wpnonce=ab34225a78
* If put Administrator user ID into such request, user with lower capabilities (if he has 'edit_users')
* can edit, delete admin record
* This function removes 'edit_users' or 'delete_users' or 'remove_users' capability from current user capabilities,
* if request sent against a user with 'administrator' role
*
* @param array $allcaps
* @param type $caps
* @param string $name
* @return array
*/
public function not_edit_admin($allcaps, $caps, $name) {
if (is_array($caps) & count($caps)>0) {
// 1st element of this array not always has index 0. Use workaround to extract it.
$caps_v = array_values($caps);
$cap = $caps_v[0];
} else {
$cap = $caps;
}
$checked_caps = array('edit_users', 'delete_users', 'remove_users');
if (!in_array($cap, $checked_caps)) {
return $allcaps;
}
$user_keys = array('user_id', 'user');
foreach ($user_keys as $user_key) {
$access_deny = false;
$user_id = (int) $this->lib->get_request_var($user_key, 'get', 'int');
if (empty($user_id)) { // check the next key
continue;
}
if ($user_id == 1) { // built-in WordPress Admin
$access_deny = true;
} else {
if (!isset($this->user_to_check[$user_id])) {
// check if user_id has Administrator role
$access_deny = $this->has_administrator_role($user_id);
} else {
// user_id was checked already, get result from cash
$access_deny = $this->user_to_check[$user_id];
}
}
if ($access_deny && isset($allcaps[$cap])) {
unset($allcaps[$cap]);
}
break;
}
return $allcaps;
}
// end of not_edit_admin()
/**
* add where criteria to exclude users with 'Administrator' role from users list
*
* @global wpdb $wpdb
* @param type $user_query
*/
public function exclude_administrators($user_query) {
global $wpdb;
if (!$this->is_protection_applicable()) { // block the user edit stuff only
return;
}
// get user_id of users with 'Administrator' role
$current_user_id = get_current_user_id();
$meta_key = $wpdb->prefix . 'capabilities';
$query = $wpdb->prepare(
"SELECT user_id
FROM {$wpdb->usermeta}
WHERE user_id!=%d AND meta_key=%s AND meta_value like %s",
array($current_user_id, $meta_key, '%"administrator"%'));
$ids_arr = $wpdb->get_col( $query );
if (is_array($ids_arr) && count($ids_arr) > 0) {
$ids = implode(',', $ids_arr);
$user_query->query_where .= " AND ( $wpdb->users.ID NOT IN ( $ids ) )";
}
}
// end of exclude_administrators()
private function extract_view_quantity($text) {
$match = array();
$result = preg_match('#\((.*?)\)#', $text, $match);
if ($result) {
$quantity = $match[1];
} else {
$quantity = 0;
}
return $quantity;
}
// end of extract_view_quantity()
private function extract_int($str_val) {
$str_val1 = str_replace(',', '', $str_val); // remove ',' from numbers like '2,015'
$int_val = (int) preg_replace('/[^\-\d]*(\-?\d*).*/','$1', $str_val1); // extract numeric value strings like from '2015 bla-bla'
return $int_val;
}
// end of extract_int()
/*
* Exclude view of users with Administrator role
*
*/
public function exclude_admins_view($views) {
if (!isset($views['administrator'])) {
return $views;
}
if (isset($views['all'])) {
// Decrease quant of all users for a quant of hidden admins
$admins_orig_s = $this->extract_view_quantity($views['administrator']);
$admins_int = $this->extract_int($admins_orig_s);
$all_orig_s = $this->extract_view_quantity($views['all']);
$all_orig_int = $this->extract_int($all_orig_s);
$all_new_int = $all_orig_int - $admins_int;
$all_new_s = number_format_i18n($all_new_int);
$views['all'] = str_replace($all_orig_s, $all_new_s, $views['all']);
}
unset($views['administrator']);
return $views;
}
// end of exclude_admins_view()
}
// end of URE_Protect_Admin class

144
wp/wp-content/plugins/user-role-editor/includes/classes/role-additional-options.php Normal file
View File

@@ -0,0 +1,144 @@
<?php
class URE_Role_Additional_Options {
private static $instance = null;
private $lib = null;
private $items = null;
private $active_items = null;
const STORAGE_ID = 'ure_role_additional_options_values';
private function __construct($lib) {
$this->lib = $lib;
$this->init();
}
// end of __construct()
public static function get_instance($lib) {
if (self::$instance===null) {
self::$instance = new URE_Role_Additional_Options($lib);
}
return self::$instance;
}
// end of get_instance()
public static function create_item($id, $label, $hook, $routine) {
$item = new stdClass();
$item->id = $id;
$item->label = $label;
$item->hook = $hook;
$item->routine = $routine;
return $item;
}
// end of create_item()
public static function get_active_items() {
$data = get_option(self::STORAGE_ID, array());
return $data;
}
private function init() {
$this->items = array();
$item = self::create_item('hide_admin_bar', esc_html__('Hide admin bar', 'user-role-editor'), 'init', 'ure_hide_admin_bar');
$this->items[$item->id] = $item;
// Allow other developers to modify the list of role's additonal options
$this->items = apply_filters('ure_role_additional_options', $this->items);
$this->active_items = self::get_active_items();
}
// end of init()
public function set_active_items_hooks() {
$current_user = wp_get_current_user();
foreach($current_user->roles as $role) {
if (!isset($this->active_items[$role])) {
continue;
}
foreach(array_keys($this->active_items[$role]) as $item_id) {
if (isset($this->items[$item_id])) {
add_action($this->items[$item_id]->hook, $this->items[$item_id]->routine, 99);
}
}
}
}
// end of set_active_items_hooks()
public function save($current_role) {
$wp_roles = wp_roles();
$this->active_items = self::get_active_items();
// remove non-existing roles
foreach(array_keys($this->active_items) as $role_id) {
if (!isset($wp_roles->roles[$role_id])) {
unset($this->active_items[$role_id]);
}
}
// Save additonal options section for the current role
$this->active_items[$current_role] = array();
foreach( $this->items as $item ) {
if ( isset( $_POST['values'][$item->id] ) ) {
$this->active_items[$current_role][$item->id] = 1;
}
}
update_option( self::STORAGE_ID, $this->active_items );
}
// end of save()
public function show($current_role) {
?>
<hr />
<?php echo esc_html__('Additional Options', 'user-role-editor');?>:
<table id="additional_options" class="form-table" style="clear:none;" cellpadding="0" cellspacing="0">
<tr>
<td>
<?php
$first_time = true;
foreach($this->items as $item) {
$checked = (isset($this->active_items[$current_role]) &&
isset($this->active_items[$current_role][$item->id])) ? 'checked="checked"' : '';
if (!$first_time) {
?>
<br/>
<?php
}
?>
<input type="checkbox" name="<?php echo $item->id;?>" id="<?php echo $item->id;?>" value="<?php echo $item->id;?>" <?php echo $checked;?> >
<label for="<?php echo $item->id;?>"><?php echo $item->label;?></label>
<?php
$first_time = false;
}
?>
</td>
<td></td>
</tr>
</table>
<?php
}
// end of show()
}
// end of URE_Role_Additional_Options class

418
wp/wp-content/plugins/user-role-editor/includes/classes/role-view.php Normal file
View File

@@ -0,0 +1,418 @@
<?php
/**
* Role capabilities View class to output HTML with role capabilities
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulya <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2016, Vladimir Garagulya
**/
class URE_Role_View extends URE_View {
public $role_default_html = '';
private $role_to_copy_html = '';
private $role_select_html = '';
private $role_delete_html = '';
private $caps_to_remove = null;
public function __construct() {
parent::__construct();
$capabilities = URE_Capabilities::get_instance();
$this->caps_to_remove = $capabilities->get_caps_to_remove();
}
// end of __construct()
public function role_default_prepare_html($select_width=200) {
$roles = $this->lib->get_editable_user_roles();
$caps_access_restrict_for_simple_admin = $this->lib->get_option('caps_access_restrict_for_simple_admin', 0);
$show_admin_role = $this->lib->show_admin_role_allowed();
if ($select_width>0) {
$select_style = 'style="width: '. $select_width .'px"';
} else {
$select_style = '';
}
$wp_default_role = get_option( 'default_role' );
$this->role_default_html = '<select id="default_user_role" name="default_user_role" '. $select_style .'>';
foreach ($roles as $key => $value) {
$selected = selected($key, $wp_default_role, false);
$disabled = ($key==='administrator' && $caps_access_restrict_for_simple_admin && !$this->lib->is_super_admin()) ? 'disabled' : '';
if ($show_admin_role || $key != 'administrator') {
$this->role_default_html .= '<option value="' . $key . '" ' . $selected .' '. $disabled .'>'. $value['name'] .' (' . $key . ')</option>';
}
}
$this->role_default_html .= '</select>';
}
// end of role_default_prepare_html()
private function role_select_copy_prepare_html( $select_width=200 ) {
$current_user = wp_get_current_user();
$key_capability = URE_Own_Capabilities::get_key_capability();
$user_is_ure_admin = current_user_can( $key_capability );
$role_to_skip = ( $user_is_ure_admin ) ? '' : $current_user->roles[0];
$caps_access_restrict_for_simple_admin = $this->lib->get_option( 'caps_access_restrict_for_simple_admin', 0 );
$show_admin_role = $this->lib->show_admin_role_allowed();
$this->role_to_copy_html = '<select id="user_role_copy_from" name="user_role_copy_from" style="width: '. $select_width .'px">
<option value="none" selected="selected">' . esc_html__('None', 'user-role-editor') . '</option>';
$this->role_select_html = '<select id="user_role" name="user_role" onchange="ure_main.role_change( this.value );">';
$current_role = $this->editor->get( 'current_role' );
$all_roles = $this->editor->get( 'roles' );
$roles = $this->lib->get_editable_user_roles( $all_roles );
foreach ($roles as $key => $value) {
if ( $key===$role_to_skip ) { // skip role of current user if he does not have full access to URE
continue;
}
$selected1 = selected( $key, $current_role, false );
$disabled = ( $key==='administrator' && $caps_access_restrict_for_simple_admin && !$this->lib->is_super_admin()) ? 'disabled' : '';
if ( $show_admin_role || $key != 'administrator' ) {
$role_name = $value['name'] .' (' . $key . ')';
$this->role_select_html .= '<option value="' . $key . '" ' . $selected1 .' '. $disabled .'>' . $role_name . '</option>';
$this->role_to_copy_html .= '<option value="' . $key .'" '. $disabled .'>' . $role_name . '</option>';
}
}
$this->role_select_html .= '</select>';
$this->role_to_copy_html .= '</select>';
}
// end of role_select_copy_prepare_html()
private function role_delete_prepare_html() {
$roles_can_delete = $this->editor->get_roles_can_delete();
if ( is_array( $roles_can_delete ) && count( $roles_can_delete ) > 0) {
ksort( $roles_can_delete );
$this->role_delete_html = '<select id="del_user_role" name="del_user_role" width="250" style="width: 250px">';
foreach ($roles_can_delete as $key => $value) {
$this->role_delete_html .= '<option value="' . $key . '">' . esc_html__($value, 'user-role-editor') . '</option>';
}
$this->role_delete_html .= '<option value="-1" style="color: red;">' . esc_html__('Delete All Unused Roles', 'user-role-editor') . '</option>';
$this->role_delete_html .= '</select>';
} else {
$this->role_delete_html = '';
}
}
// end of role_delete_prepare_html()
/**
* Build HTML for select drop-down list from capabilities we can remove
*
* @return string
**/
public static function caps_to_remove_html() {
global $wp_roles;
$capabilities = URE_Capabilities::get_instance();
$caps_to_remove = $capabilities->get_caps_to_remove();
if ( empty( $caps_to_remove ) || !is_array( $caps_to_remove ) && count( $caps_to_remove )===0 ) {
return '';
}
$caps = array_keys($caps_to_remove);
asort($caps);
$network_admin = filter_input(INPUT_POST, 'network_admin', FILTER_SANITIZE_NUMBER_INT);
$current_role = isset( $_POST['current_role'] ) ? URE_Base_Lib::filter_string_var( $_POST['current_role'] ) : '';
if (!isset($wp_roles->roles[$current_role])) {
$current_role = '';
}
ob_start();
?>
<form name="ure_remove_caps_form" id="ure_remove_caps_form" method="POST"
action="<?php echo admin_url() . ($network_admin ? 'network/':'') . URE_PARENT .'?page=users-'.URE_PLUGIN_FILE;?>" >
<table id="ure_remove_caps_table">
<tr>
<th>
<input type="checkbox" id="ure_remove_caps_select_all">
</th>
<th></th>
</tr>
<?php
foreach($caps as $cap_id) {
$cap_id_esc = 'rm_'.URE_Capability::escape($cap_id);
?>
<tr>
<td>
<input type="checkbox" name="<?php echo $cap_id_esc;?>" id="<?php echo $cap_id_esc;?>" class="ure-cb-column"
value="<?php echo $cap_id;?>"/>
</td>
<td>
<label for="<?php echo $cap_id_esc;?>"><?php echo $cap_id; ?></label>
</td>
</tr>
<?php
} // foreach($caps...)
?>
</table>
<input type="hidden" name="action" id="action" value="delete-user-capability" />
<input type="hidden" name="user_role" id="ure_role" value="<?php echo $current_role;?>" />
<?php wp_nonce_field('user-role-editor', 'ure_nonce'); ?>
</form>
<?php
$html = ob_get_contents();
ob_end_clean();
return $html;
}
// end of caps_to_remove_html()
public function role_edit_prepare_html( $select_width=200 ) {
$this->role_select_copy_prepare_html( $select_width );
$multisite = $this->lib->get( 'multisite' );
if ( $multisite && !is_network_admin() ) {
$this->role_default_prepare_html( $select_width );
}
$this->role_delete_prepare_html();
}
// end of role_edit_prepare_html()
public function display_edit_dialogs() {
$multisite = $this->lib->get('multisite');
$current_role = $this->editor->get('current_role');
$current_role_name = $this->editor->get('current_role_name');
?>
<script language="javascript" type="text/javascript">
var ure_current_role = '<?php echo $current_role; ?>';
var ure_current_role_name = "<?php echo $current_role_name; ?>";
</script>
<!-- popup dialogs markup -->
<div id="ure_add_role_dialog" class="ure-modal-dialog" style="padding: 10px;">
<form id="ure_add_role_form" name="ure_add_role_form" method="POST">
<div class="ure-label"><?php esc_html_e('Role name (ID): ', 'user-role-editor'); ?></div>
<div class="ure-input"><input type="text" name="user_role_id" id="user_role_id" size="25"/></div>
<div class="ure-label"><?php esc_html_e('Display Role Name: ', 'user-role-editor'); ?></div>
<div class="ure-input"><input type="text" name="user_role_name" id="user_role_name" size="25"/></div>
<div class="ure-label"><?php esc_html_e('Make copy of: ', 'user-role-editor'); ?></div>
<div class="ure-input"><?php echo $this->role_to_copy_html; ?></div>
</form>
</div>
<div id="ure_rename_role_dialog" class="ure-modal-dialog" style="padding: 10px;">
<form id="ure_rename_role_form" name="ure_rename_role_form" method="POST">
<div class="ure-label"><?php esc_html_e('Role name (ID): ', 'user-role-editor'); ?></div>
<div class="ure-input"><input type="text" name="ren_user_role_id" id="ren_user_role_id" size="25" disabled /></div>
<div class="ure-label"><?php esc_html_e('Display Role Name: ', 'user-role-editor'); ?></div>
<div class="ure-input"><input type="text" name="ren_user_role_name" id="ren_user_role_name" size="25"/></div>
</form>
</div>
<div id="ure_delete_role_dialog" class="ure-modal-dialog">
<div style="padding:10px;">
<div class="ure-label"><?php esc_html_e('Select Role:', 'user-role-editor');?></div>
<div class="ure-input"><?php echo $this->role_delete_html; ?></div>
</div>
</div>
<?php
if ($multisite && !is_network_admin()) {
?>
<div id="ure_default_role_dialog" class="ure-modal-dialog">
<div style="padding:10px;">
<?php echo $this->role_default_html; ?>
</div>
</div>
<?php
}
?>
<div id="ure_delete_capability_dialog" class="ure-modal-dialog">
<div style="padding:10px;">
<div class="ure-input"></div>
</div>
</div>
<div id="ure_add_capability_dialog" class="ure-modal-dialog">
<div style="padding:10px;">
<div class="ure-label"><?php esc_html_e('Capability name (ID): ', 'user-role-editor'); ?></div>
<div class="ure-input"><input type="text" name="capability_id" id="capability_id" size="25"/></div>
</div>
</div>
<?php
URE_View::output_task_status_div();
}
// end of output_role_edit_dialogs()
/**
* output HTML code to create URE toolbar
*
* @param string $this->current_role
* @param boolean $role_delete
* @param boolean $capability_remove
*/
public function toolbar() {
$caps_access_restrict_for_simple_admin = $this->lib->get_option('caps_access_restrict_for_simple_admin', 0);
if ($caps_access_restrict_for_simple_admin) {
$add_del_role_for_simple_admin = $this->lib->get_option('add_del_role_for_simple_admin', 1);
} else {
$add_del_role_for_simple_admin = 1;
}
$super_admin = $this->lib->is_super_admin();
$multisite = $this->lib->get('multisite');
?>
<div id="ure_toolbar" >
<div id="ure_update">
<button id="ure_update_role" class="ure_toolbar_button button-primary" >Update</button>
<?php
do_action('ure_role_edit_toolbar_update');
?>
</div>
<?php
if (!$multisite || $super_admin || $add_del_role_for_simple_admin) { // restrict single site admin
?>
<hr />
<?php
if (current_user_can('ure_create_roles')) {
?>
<button id="ure_add_role" class="ure_toolbar_button">Add Role</button>
<?php
}
?>
<button id="ure_rename_role" class="ure_toolbar_button">Rename Role</button>
<?php
} // restrict single site admin
if (!$multisite || $super_admin || !$caps_access_restrict_for_simple_admin) { // restrict single site admin
if (current_user_can('ure_create_capabilities')) {
?>
<button id="ure_add_capability" class="ure_toolbar_button">Add Capability</button>
<?php
}
} // restrict single site admin
if (!$multisite || $super_admin || $add_del_role_for_simple_admin) { // restrict single site admin
if (!empty($this->role_delete_html) && current_user_can('ure_delete_roles')) {
?>
<button id="ure_delete_role" class="ure_toolbar_button">Delete Role</button>
<?php
}
} // restrict single site admin
if (!$multisite || $super_admin || !$caps_access_restrict_for_simple_admin) { // restrict single site admin
if (!empty($this->caps_to_remove) && is_array($this->caps_to_remove) && count($this->caps_to_remove)>0 &&
current_user_can('ure_delete_capabilities')) {
?>
<button id="ure_delete_capability" class="ure_toolbar_button">Delete Capability</button>
<?php
}
if ($multisite && !is_network_admin()) { // Show for single site for WP multisite only
?>
<hr />
<button id="ure_default_role" class="ure_toolbar_button">Default Role</button>
<hr />
<?php
}
?>
<div id="ure_service_tools">
<?php
do_action('ure_role_edit_toolbar_service');
?>
</div>
<?php
} // restrict single site admin
?>
</div>
<?php
}
// end of toolbar()
private function display_options() {
$multisite = $this->lib->get('multisite');
$active_for_network = $this->lib->get('active_for_network');
?>
<div id="ure_editor_options">
<?php
$caps_readable = $this->editor->get('caps_readable');
if ($caps_readable) {
$checked = 'checked="checked"';
} else {
$checked = '';
}
$caps_access_restrict_for_simple_admin = $this->lib->get_option('caps_access_restrict_for_simple_admin', 0);
if ($this->lib->is_super_admin() || !$multisite || !$this->lib->is_pro() || !$caps_access_restrict_for_simple_admin) {
?>
<input type="checkbox" name="ure_caps_readable" id="ure_caps_readable" value="1" <?php echo $checked; ?> onclick="ure_main.turn_caps_readable();"/>
<label for="ure_caps_readable"><?php esc_html_e('Show capabilities in human readable form', 'user-role-editor'); ?></label>&nbsp;&nbsp;
<?php
$show_deprecated_caps = $this->editor->get('show_deprecated_caps');
if ($show_deprecated_caps) {
$checked = 'checked="checked"';
} else {
$checked = '';
}
?>
<input type="checkbox" name="ure_show_deprecated_caps" id="ure_show_deprecated_caps" value="1" <?php echo $checked; ?> onclick="ure_turn_deprecated_caps(0);"/>
<label for="ure_show_deprecated_caps"><?php esc_html_e('Show deprecated capabilities', 'user-role-editor'); ?></label>
<?php
}
if ($multisite && $active_for_network && !is_network_admin() && is_main_site(get_current_blog_id()) && $this->lib->is_super_admin()) {
$hint = esc_html__('If checked, then apply action to ALL sites of this Network');
$apply_to_all = $this->editor->get('apply_to_all');
if ($apply_to_all) {
$checked = 'checked="checked"';
$fontColor = 'color:#FF0000;';
} else {
$checked = '';
$fontColor = '';
}
?>
<div style="float: right; margin-left:10px; margin-right: 20px; <?php echo $fontColor; ?>" id="ure_apply_to_all_div">
<input type="checkbox" name="ure_apply_to_all" id="ure_apply_to_all" value="1"
<?php echo $checked; ?> title="<?php echo $hint; ?>" onclick="ure_main.apply_to_all_on_click(this)"/>
<label for="ure_apply_to_all" title="<?php echo $hint; ?>"><?php esc_html_e('Apply to All Sites', 'user-role-editor'); ?></label>
</div>
<?php
}
?>
</div>
<hr>
<?php
}
// end of display_options()
public function display() {
?>
<div class="postbox" style="min-width:800px;width:100%">
<div id="ure_role_selector">
<span id="ure_role_select_label"><?php esc_html_e('Select Role and change its capabilities:', 'user-role-editor'); ?></span> <?php echo $this->role_select_html; ?>
</div>
<div class="inside">
<?php
$this->display_options();
$this->display_caps();
$ao = $this->editor->get('role_additional_options');
$current_role = $this->editor->get('current_role');
$ao->show($current_role);
?>
<input type="hidden" name="object" value="role" />
</div>
</div>
<?php
}
// end of display()
}
// end of class URE_Role_View

124
wp/wp-content/plugins/user-role-editor/includes/classes/screen-help.php Normal file
View File

@@ -0,0 +1,124 @@
<?php
/*
* User Role Editor Settings page on Screen Help class
*
*/
class URE_Screen_Help {
protected function get_general_tab() {
$text = '<h2>'. esc_html__('User Role Editor Options page help', 'user-role-editor') .'</h2>
<p>
<ul>
<li><strong>' . esc_html__('Show Administrator role at User Role Editor', 'user-role-editor').'</strong> - ' .
esc_html__('turn this option on in order to make the "Administrator" role available at the User Role Editor '
. 'roles selection drop-down list. It is hidden by default for security reasons.','user-role-editor') . '</li>
<li><strong>' . esc_html__('Show capabilities in the human readable form','user-role-editor').'</strong> - ' .
esc_html__('automatically converts capability names from the technical form for internal use like '
. '"edit_others_posts" to more user friendly form, e.g. "Edit others posts".','user-role-editor') . '</li>
<li><strong>' . esc_html__('Show deprecated capabilities','user-role-editor').'</strong> - '.
esc_html__('Capabilities like "level_0", "level_1" are deprecated and are not used by WordPress. '
. 'They are left at the user roles for the compatibility purpose with old themes and plugins code. '
. 'Turning on this option will show those deprecated capabilities.', 'user-role-editor') . '</li>
<li><strong>' . esc_html__('Confirm role update','user-role-editor').'</strong> - ' .
esc_html__('Show confirmation dialog before save changes made to a current role.') . '</li>
<li><strong>' . esc_html__('Edit user capabilities','user-role-editor').'</strong> - '.
esc_html__('If turned off - capabilities section of selected user is shown in readonly mode. '
. 'Administrator can not assign capabilities to the user directly. '
. 'He should do it using roles only.', 'user-role-editor') . '</li>';
$text = apply_filters('ure_get_settings_general_tab_help', $text);
$text .='
</ul>
</p>';
return $text;
}
// end of get_general_tab()
protected function get_additional_modules_tab() {
$text = '<h2>'. esc_html__('User Role Editor Options page help', 'user-role-editor') .'</h2>
<p>
<ul>';
if (!is_multisite()) {
$text .= '<li><strong>' . esc_html__('Count users without role', 'user-role-editor').'</strong> - ' .
esc_html__('Show at the "Users" page a quant of users without role. Module allows to assign all of them '.
'an empty role "No rights", in order to look on the users list with role "No rights" at the separate tab then.','user-role-editor') . '</li>';
}
$text = apply_filters('ure_get_settings_additional_modules_tab_help', $text);
$text .='
</ul>
</p>';
return $text;
}
// end of get_additional_modules_tab()
protected function get_default_roles_tab() {
$text = '<h2>'. esc_html__('User Role Editor Options page help', 'user-role-editor') .'</h2>
<p>
<ul>
<li><strong>' . esc_html__('Other default roles for new registered user', 'user-role-editor').'</strong> - ' .
esc_html__('select roles below to assign them to the new user automatically as an addition to the primary role. '.
'Note for multisite environment: take into account that other default roles should exist at the site, '.
'in order to be assigned to the new registered users.','user-role-editor') . '</li>';
$text = apply_filters('ure_get_settings_default_roles_tab_help', $text);
$text .='
</ul>
</p>';
return $text;
}
// end of get_default_roles_tab()
protected function get_multisite_tab() {
$text = '<h2>'. esc_html__( 'User Role Editor Options page help', 'user-role-editor' ) .'</h2>
<p>
<ul>
<li><strong>' . esc_html__( 'Allow non super-administrators to create, edit and delete users', 'user-role-editor' ).'</strong> - '.
esc_html__( 'Super administrator only may create, edit and delete users under WordPress multi-site by default. '.
'Turn this option on in order to remove this limitation.','user-role-editor' ) .'</li>';
$text = apply_filters('ure_get_settings_multisite_tab_help', $text);
$text .='
</ul>
</p>';
return $text;
}
// end of get_multisite_tab()
public function get_settings_help($tab_name) {
switch ($tab_name) {
case 'general':{
$text = $this->get_general_tab();
break;
}
case 'additional_modules':{
$text = $this->get_additional_modules_tab();
break;
}
case 'default_roles':{
$text = $this->get_default_roles_tab();
break;
}
case 'multisite':{
$text = $this->get_multisite_tab();
break;
}
default:
}
return $text;
}
// end of get_settings_help()
}
// end of URE_Screen_Help

270
wp/wp-content/plugins/user-role-editor/includes/classes/settings.php Normal file
View File

@@ -0,0 +1,270 @@
<?php
/**
* Settings manager
*
* Project: User Role Editor WordPress plugin
*
* Author: Vladimir Garagulya
* email: support@role-editor.com
*
**/
class URE_Settings {
protected static function get_action() {
$action = 'show';
$update_buttons = array(
'ure_settings_update',
'ure_addons_settings_update',
'ure_settings_ms_update',
'ure_default_roles_update',
'ure_settings_tools_exec');
foreach($update_buttons as $update_button) {
if (!isset($_POST[$update_button])) {
continue;
}
if (!wp_verify_nonce($_POST['_wpnonce'], 'user-role-editor')) {
wp_die('Security check failed');
}
$action = $update_button;
break;
}
return $action;
}
// end of get_settings_action()
/**
* Update General Options tab
*/
protected static function update_general_options() {
$lib = URE_Lib::get_instance();
if (defined('URE_SHOW_ADMIN_ROLE') && (URE_SHOW_ADMIN_ROLE == 1)) {
$show_admin_role = 1;
} else {
$show_admin_role = $lib->get_request_var('show_admin_role', 'post', 'checkbox');
}
$lib->put_option('show_admin_role', $show_admin_role);
$caps_readable = $lib->get_request_var('caps_readable', 'post', 'checkbox');
$lib->put_option('ure_caps_readable', $caps_readable);
$show_deprecated_caps = $lib->get_request_var('show_deprecated_caps', 'post', 'checkbox');
$lib->put_option('ure_show_deprecated_caps', $show_deprecated_caps);
$confirm_role_update = $lib->get_request_var('confirm_role_update', 'post', 'checkbox');
$lib->put_option('ure_confirm_role_update', $confirm_role_update);
$edit_user_caps = $lib->get_request_var('edit_user_caps', 'post', 'checkbox');
$lib->put_option('edit_user_caps', $edit_user_caps);
$caps_columns_quant = (int) $lib->get_request_var('caps_columns_quant', 'post', 'int');
$lib->put_option('caps_columns_quant', $caps_columns_quant);
do_action('ure_settings_update1');
$lib->flush_options();
$lib->show_message(esc_html__('User Role Editor options are updated', 'user-role-editor'));
}
// end of update_general_options()
/**
* Update Additional Modules Options tab
*/
protected static function update_addons_options() {
$lib = URE_Lib::get_instance();
$multisite = $lib->get('multisite');
if (!$multisite) {
$count_users_without_role = $lib->get_request_var('count_users_without_role', 'post', 'checkbox');
$lib->put_option('count_users_without_role', $count_users_without_role);
}
do_action('ure_settings_update2');
$lib->flush_options();
$lib->show_message(esc_html__('User Role Editor options are updated', 'user-role-editor'));
}
// end of update_addons_options()
protected static function update_default_roles() {
global $wp_roles;
$lib = URE_Lib::get_instance();
// Primary default role
$primary_default_role = $lib->get_request_var('default_user_role', 'post');
if (!empty($primary_default_role) && isset($wp_roles->role_objects[$primary_default_role]) && $primary_default_role !== 'administrator') {
update_option('default_role', $primary_default_role);
}
// Other default roles
$other_default_roles = array();
foreach($_POST as $key=>$value) {
$prefix = substr($key, 0, 8);
if ($prefix!=='wp_role_') {
continue;
}
$role_id = substr($key, 8);
if ($role_id!=='administrator' && isset($wp_roles->role_objects[$role_id])) {
$other_default_roles[] = $role_id;
}
} // foreach()
$lib->put_option('other_default_roles', $other_default_roles, true);
$lib->show_message(esc_html__('Default Roles are updated', 'user-role-editor'));
}
// end of update_default_roles()
protected static function update_multisite_options() {
$lib = URE_Lib::get_instance();
$multisite = $lib->get('multisite');
if (!$multisite) {
return;
}
$allow_edit_users_to_not_super_admin = $lib->get_request_var('allow_edit_users_to_not_super_admin', 'post', 'checkbox');
$lib->put_option('allow_edit_users_to_not_super_admin', $allow_edit_users_to_not_super_admin);
do_action('ure_settings_ms_update');
$lib->flush_options();
$lib->show_message(esc_html__('User Role Editor options are updated', 'user-role-editor'));
}
// end of update_multisite_options()
protected static function tools_exec() {
$lib = URE_Lib::get_instance();
$roles_reset = $lib->get_request_var( 'ure_reset_roles_exec', 'post', 'int');
if ( $roles_reset==1 ) {
URE_Tools::reset_roles();
} else {
do_action( 'ure_settings_tools_exec' );
}
}
//end of tools_exec()
private static function controller() {
$action = self::get_action();
switch ($action) {
case 'ure_settings_update':
self::update_general_options();
break;
case 'ure_addons_settings_update':
self::update_addons_options();
break;
case 'ure_settings_ms_update':
self::update_multisite_options();
break;
case 'ure_default_roles_update':
self::update_default_roles();
break;
case 'ure_settings_tools_exec':
self::tools_exec();
break;
case 'show':
default:
;
} // switch()
}
// end of controller()
public static function show_other_default_roles() {
$lib = URE_Lib::get_instance();
$other_default_roles = $lib->get_option('other_default_roles', array());
$roles = $lib->get_editable_user_roles();
$wp_default_role = get_option('default_role');
foreach ($roles as $role_id => $role) {
if ( $role_id=='administrator' || $role_id==$wp_default_role ) {
continue;
}
if ( in_array( $role_id, $other_default_roles ) ) {
$checked = 'checked="checked"';
} else {
$checked = '';
}
echo '<label for="wp_role_' . $role_id .'"><input type="checkbox" id="wp_role_' . $role_id .
'" name="wp_role_' . $role_id . '" value="' . $role_id . '"' . $checked .' />&nbsp;' .
$role['name'] . '</label><br />';
}
}
// end of show_other_default_roles()
public static function get_settings_link() {
$lib = URE_Lib::get_instance();
$multisite = $lib->get('multisite');
if ($multisite && is_network_admin()) {
$link = 'settings.php';
} else {
$link = 'options-general.php';
}
return $link;
}
// end of get_settings_link();
public static function show() {
$lib = URE_Lib::get_instance();
self::controller();
if (defined('URE_SHOW_ADMIN_ROLE') && (URE_SHOW_ADMIN_ROLE == 1)) {
$show_admin_role = 1;
} else {
$show_admin_role = $lib->get_option('show_admin_role', 0);
}
$caps_readable = $lib->get_option('ure_caps_readable', 0);
$show_deprecated_caps = $lib->get_option('ure_show_deprecated_caps', 0);
$confirm_role_update = $lib->get_option('ure_confirm_role_update', 1);
$edit_user_caps = $lib->get_option('edit_user_caps', 1);
$caps_columns_quant = $lib->get_option('caps_columns_quant', 1);
$multisite = $lib->get('multisite');
if ($multisite) {
$allow_edit_users_to_not_super_admin = $lib->get_option('allow_edit_users_to_not_super_admin', 0);
} else {
$count_users_without_role = $lib->get_option('count_users_without_role', 0);
}
$view = new URE_Role_View();
$view->role_default_prepare_html(0);
$ure_tab_idx = (int) $lib->get_request_var('ure_tab_idx', 'post', 'int');
do_action('ure_settings_load');
$link = self::get_settings_link();
$active_for_network = $lib->get('active_for_network');
$license_key_only = $multisite && is_network_admin() && !$active_for_network;
require_once(URE_PLUGIN_DIR . 'includes/settings-template.php');
}
// end of show()
}
// end of URE_Settings class

148
wp/wp-content/plugins/user-role-editor/includes/classes/task-queue.php Normal file
View File

@@ -0,0 +1,148 @@
<?php
/*
* User Role Editor Pro WordPress plugin
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://www.role-editor.com
* License: GPL v3
*
*/
/*
* User Role Editor's internal tasks queue
* Usage: on URE plugin activation URE adds 'on_activation' task to this queue, which fires 'ure_on_activation' action
* on the next WordPress call. It's useful when some action is needed unavailable at standard plugin activation point,
* like 'admin_menu', which is used for the admin menu access data conversion - class URE_Admin_Menu_Hashes.
* Class User_Role_Editor_Pro adds execute_once method for the 'ure_on_activation' action, where
* URE_Admin_Menu_Hashes::require_data_conversion(); method is called which registers tasks for data coversion, including
* individual tasks for every site of the multisite network
*
*/
class URE_Task_Queue {
private static $instance = null; // object exemplar reference according to singleton patern
const OPTION_NAME = 'ure_tasks_queue';
private $queue = null;
public static function get_instance() {
if (self::$instance===null) {
self::$instance = new URE_Task_Queue();
}
return self::$instance;
}
// end of get_instance()
protected function __construct() {
$this->init();
}
// end of __construct()
private function init() {
$this->queue = get_option(self::OPTION_NAME, array());
}
// end of init()
public function reinit() {
$this->init();
}
// end of reinit()
/**
*
* @param string $task_id
* @param array $args=array('action'=>'action_name', 'routine'=>'routine_name', 'priority'=>99)
*/
public function add($task_id, $args=array()) {
$this->queue[$task_id] = $args;
update_option(self::OPTION_NAME, $this->queue);
}
// end of add_task()
public function remove($task_id) {
if (isset($this->queue[$task_id])) {
unset($this->queue[$task_id]);
update_option(self::OPTION_NAME, $this->queue);
}
}
// end of remove_task()
/**
* Returns true in case a queue is empty
*
* @return boolean
*/
public function is_empty() {
return count($this->queue)==0;
}
// end of is_empty()
/**
* Consumers should add there tasks with add_method and add 'ure_fulfil_task' action routine to work on it.
* Do not forget remove task after it was fulfilled.
*
* @return void
*/
public function process() {
if ($this->is_empty()) {
return;
}
foreach($this->queue as $task_id=>$task) {
if ($task_id=='on_activation') {
do_action('ure_on_activation');
$this->remove('on_activation'); // remove this task after execution if it was defined
} elseif (!empty($task['action'])) {
$priority = empty($task['priority']) ? 10: $task['priority'];
add_action($task['action'], $task['routine'], $priority);
} else {
add_action('init', $task['routine']);
}
}
}
// end of process();
/**
* Prevent cloning of the instance of the *Singleton* instance.
*
* @return void
*/
public function __clone() {
throw new \Exception('Do not clone a singleton instance.');
}
// end of __clone()
/**
* Prevent unserializing of the *Singleton* instance.
*
* @return void
*/
public function __wakeup() {
throw new \Exception('Do not unserialize a singleton instance.');
}
// end of __wakeup()
}
// end of class URE_On_Activation

82
wp/wp-content/plugins/user-role-editor/includes/classes/tools.php Normal file
View File

@@ -0,0 +1,82 @@
<?php
class URE_Tools {
const RESET_ROLES_SECURE_TEXT = 'Permanently delete all custom user roles and capabilities';
private static function show_reset_roles( $tab_idx ) {
$lib = URE_Lib::get_instance();
$multisite = $lib->get('multisite');
$link = URE_Settings::get_settings_link();
if (!$multisite || (is_main_site( get_current_blog_id() ) || ( is_network_admin() && $lib->is_super_admin() ) ) ) {
if ( current_user_can( 'ure_reset_roles' ) ) {
?>
<div style="margin: 10px 0 10px 0; border: 1px solid red; padding: 0 10px 10px 10px; text-align:left;">
<form name="ure_reset_roles_form" id="ure_reset_roles_form" method="post" action="<?php echo $link; ?>?page=settings-<?php echo URE_PLUGIN_FILE; ?>" >
<h3>Reset User Roles</h3>
<span style="color: red;"><?php esc_html_e('WARNING!', 'user-role-editor');?></span>&nbsp;
<?php
esc_html_e('Resetting will setup default user roles and capabilities from WordPress core.', 'user-role-editor'); echo '<br>';
esc_html_e('If any plugins (such as WooCommerce, S2Member and many others) have changed user roles and capabilities during installation, those changes will be LOST!', 'user-role-editor'); echo '<br>';
esc_html_e('For more information on how to undo undesired changes and restore plugins capabilities in case you lost them by mistake go to: ', 'user-role-editor');
echo '<a href="http://role-editor.com/how-to-restore-deleted-wordpress-user-roles/">http://role-editor.com/how-to-restore-deleted-wordpress-user-roles/</a>';
if ( $multisite ) {
?>
<br><br>
<input type="checkbox" name="ure_apply_to_all" id="ure_apply_to_all" value="1" />
<label for="ure_apply_to_all"><?php esc_html_e('Apply to All Sites', 'user-role-editor'); ?></label>
(<?php esc_html_e('If checked, then apply action to ALL sites. Main site only is affected in other case.', 'user-role-editor'); ?>)
<?php
}
?>
<br><br>
<input type="text" id="ure_reset_roles_secure" name="ure_reset_roles_secure" value="" placeholder="<?php echo URE_Tools::RESET_ROLES_SECURE_TEXT;?>" style="width:400px;"/>
&lt;- <span style="color: red;"><?php echo URE_Tools::RESET_ROLES_SECURE_TEXT; ?></span>
<br><br>
<button id="ure_reset_roles_button" style="width: 100px; color: red;" title="<?php esc_html_e('Reset Roles to its original state', 'user-role-editor'); ?>" disabled><?php esc_html_e('Reset', 'user-role-editor');?></button>
<?php wp_nonce_field('user-role-editor'); ?>
<input type="hidden" name="ure_settings_tools_exec" value="1" />
<input type="hidden" name="ure_reset_roles_exec" value="1" />
<input type="hidden" name="ure_tab_idx" value="<?php echo $tab_idx; ?>" />
</form>
</div>
<?php
}
}
}
// end of show_reset()
public static function reset_roles() {
$editor = URE_Editor::get_instance();
if ( !$editor->reset_user_roles() ) {
return;
}
$lib = URE_Lib::get_instance();
$lib->put_option( 'other_default_roles', array(), true );
$lib->show_message( esc_html__('Tools: Reset: User Roles were initialized', 'user-role-editor') );
}
// end of reset_roles()
public static function show( $tab_idx ) {
do_action( 'ure_settings_tools_show', $tab_idx );
// Placed here, after all tools which may be added above, as a very rare needed functionality
self::show_reset_roles( $tab_idx );
}
// end of show()
}
// end of URE_Tools

95
wp/wp-content/plugins/user-role-editor/includes/classes/uninstall.php Normal file
View File

@@ -0,0 +1,95 @@
<?php
class URE_Uninstall {
protected $lib = null;
protected $options = null;
protected $own_caps = null;
public function __construct() {
$this->lib = URE_Lib::get_instance();
$this->init_options_list();
$this->own_caps = array_keys( URE_Own_Capabilities::get_caps() );
}
// end of __construct()
protected function init_options_list() {
$this->options = array();
$this->options[] = 'ure_caps_readable';
$this->options[] = 'ure_show_deprecated_caps';
$this->options[] = 'ure_hide_pro_banner';
$this->options[] = 'ure_role_additional_options_values';
$this->options[] = 'ure_task_queue';
$this->options[] = 'user_role_editor';
}
// end fo init_options_list()
private function delete_options() {
global $wpdb;
$backup_option_name = $wpdb->prefix . 'backup_user_roles';
delete_option( $backup_option_name );
foreach ( $this->options as $option_name ) {
delete_option( $option_name );
}
}
// end of delete_options()
private function delete_caps() {
$wp_roles = wp_roles();
if ( $wp_roles->use_db ) {
$wp_roles->use_db = false; // minimize database update requests
$use_db = true;
} else {
$use_db = false;
}
foreach( $wp_roles->roles as $role_id=>$role ) {
foreach( $this->own_caps as $cap ) {
if ( isset( $role['capabilities'][ $cap ]) ) {
$wp_roles->remove_cap( $role_id, $cap );
}
}
}
if ( $use_db ) { // save changes to the database
$wp_roles->add_cap( 'subscriber', 'dummy_cap' );
$wp_roles->use_db = true; // restore original value
$wp_roles->remove_cap( 'subscriber', 'dummy_cap' );
}
}
// end of delete_caps()
public function act() {
global $wpdb;
if ( !is_multisite() ) {
$this->delete_options();
$this->delete_caps();
} else {
$old_blog = $wpdb->blogid;
$blog_ids = $this->lib->get_blog_ids();
foreach ( $blog_ids as $blog_id ) {
switch_to_blog( $blog_id );
$this->delete_options();
$this->delete_caps();
}
$this->lib->restore_after_blog_switching( $old_blog );
}
}
// end of act()
}
// end of class URE_Uninstall

416
wp/wp-content/plugins/user-role-editor/includes/classes/user-other-roles.php Normal file
View File

@@ -0,0 +1,416 @@
<?php
/*
* Project: User Role Editor WordPress plugin
* Class for Assigning to a user multiple roles
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://www.role-editor.com
* License: GPL v2+
*
*/
class URE_User_Other_Roles {
protected $lib = null;
private static $counter = 0;
function __construct() {
$this->lib = URE_Lib::get_instance();
$this->set_hooks();
}
// end of $lib
public function set_hooks() {
add_filter( 'additional_capabilities_display', array($this, 'additional_capabilities_display'), 10, 1);
add_action( 'admin_print_styles-user-edit.php', array($this, 'load_css') );
add_action( 'admin_print_styles-user-new.php', array($this, 'load_css') );
add_action( 'admin_enqueue_scripts', array($this, 'load_js' ) );
add_action( 'edit_user_profile', array($this, 'edit_user_profile_html'), 10, 1 );
add_action( 'user_new_form', array($this, 'user_new_form'), 10, 1 );
add_action( 'profile_update', array($this, 'update'), 10 );
$multisite = $this->lib->get('multisite');
if ($multisite) {
add_action( 'wpmu_activate_user', array($this, 'add_other_roles'), 10, 1 );
add_action( 'added_existing_user', array($this, 'add_other_roles'), 10, 1);
}
add_action( 'user_register', array($this, 'add_other_roles'), 10, 1 );
}
// end of set_hooks()
public function additional_capabilities_display( $display ) {
$show = apply_filters('ure_show_additional_capabilities_section', true);
if ( empty( $show ) ) {
return $display;
}
if ( !current_user_can('promote_users') ) {
return $display; // No permissions to promote users
}
$display = false;
return $display;
}
// end of additional_capabilities_display()
/*
* Load CSS for the user profile edit page
*/
public function load_css() {
$show = apply_filters('ure_show_additional_capabilities_section', true );
if ( empty( $show ) ) {
return;
}
if ( !current_user_can('promote_users') ) {
return; // No permissions to promote users
}
if ( defined('WP_DEBUG') && !empty( WP_DEBUG ) ) {
$file_name = 'multiple-select.css';
} else {
$file_name = 'multiple-select.min.css';
}
wp_enqueue_style('wp-jquery-ui-dialog');
wp_enqueue_style('ure-jquery-multiple-select', plugins_url('/css/'. $file_name, URE_PLUGIN_FULL_PATH ), array(), false, 'screen');
}
// end of load_css()
public function load_js($hook_suffix) {
if ( !in_array( $hook_suffix, array('user-edit.php', 'user-new.php') ) ) {
return;
}
$show = apply_filters('ure_show_additional_capabilities_section', true );
if ( empty( $show ) ) {
return;
}
if ( !current_user_can('promote_users') ) {
return; // No permissions to promote users
}
if ( defined('WP_DEBUG') && !empty( WP_DEBUG ) ) {
$ms_file_name = 'multiple-select.js';
} else {
$ms_file_name = 'multiple-select.min.js';
}
$select_primary_role = apply_filters('ure_users_select_primary_role', true);
wp_enqueue_script('jquery-ui-dialog', '', array('jquery-ui-core', 'jquery-ui-button', 'jquery'), false, true );
wp_register_script('ure-jquery-multiple-select', plugins_url('/js/'. $ms_file_name, URE_PLUGIN_FULL_PATH ), array(), URE_VERSION, true );
wp_enqueue_script('ure-jquery-multiple-select');
wp_register_script('ure-user-profile-other-roles', plugins_url('/js/user-profile-other-roles.js', URE_PLUGIN_FULL_PATH ), array(), URE_VERSION, true );
wp_enqueue_script('ure-user-profile-other-roles');
wp_localize_script('ure-user-profile-other-roles', 'ure_data_user_profile_other_roles', array(
'wp_nonce' => wp_create_nonce('user-role-editor'),
'other_roles' => esc_html__('Other Roles', 'user-role-editor'),
'select_roles' => esc_html__('Select additional roles for this user', 'user-role-editor'),
'select_primary_role' => ($select_primary_role || $this->lib->is_super_admin()) ? 1: 0
));
}
// end of load_js()
/**
* Returns list of user roles, except 1st one, and bbPress assigned as they are shown by WordPress and bbPress themselves.
*
* @param type $user WP_User from wp-includes/capabilities.php
* @return array
*/
public function get_roles_array( $user ) {
if ( !is_array( $user->roles ) || count( $user->roles )<=1 ) {
return array();
}
// get bbPress assigned user role
if ( function_exists( 'bbp_filter_blog_editable_roles' ) ) {
$bb_press_role = bbp_get_user_role( $user->ID );
} else {
$bb_press_role = '';
}
$roles = array();
foreach ( $user->roles as $role) {
if (!empty($bb_press_role) && $bb_press_role === $role) {
// exclude bbPress assigned role
continue;
}
$roles[] = $role;
}
array_shift( $roles ); // exclude primary role which is shown by WordPress itself
return $roles;
}
// end of get_roles_array()
private function roles_select_html($user, $context) {
global $wp_roles;
$user_roles = $user->roles;
$primary_role = array_shift($user_roles);
$roles = apply_filters('editable_roles', $wp_roles->roles); // exclude restricted roles if any
$roles = array_reverse( $roles );
if (isset($roles[$primary_role])) { // exclude role assigned to the user as a primary role
unset($roles[$primary_role]);
}
$button_number = (self::$counter>0) ? '_2': '';
echo '<select multiple="multiple" id="ure_select_other_roles'. $button_number .'" name="ure_select_other_roles" style="width: 500px;" >'."\n";
foreach($roles as $key=>$role) {
echo '<option value="'.$key.'" >'.$role['name'].'</option>'."\n";
} // foreach()
echo '</select><br>'."\n";
if ($context=='add-new-user' || $context=='add-existing-user') {
// Get other default roles
$other_roles = $this->lib->get_option('other_default_roles', array());
} else {
$other_roles = $this->get_roles_array($user);
}
if (is_array($other_roles) && count($other_roles) > 0) {
$other_roles_str = implode(',', $other_roles);
} else {
$other_roles_str = '';
}
echo '<input type="hidden" name="ure_other_roles" id="ure_other_roles'. $button_number .'" value="' . $other_roles_str . '" />';
$output = $this->lib->roles_text($other_roles);
echo '<span id="ure_other_roles_list'. $button_number .'">'. $output .'</span>';
self::$counter++;
}
// end of roles_select()
/**
* Returns comma separated string of capabilities directly (not through the roles) assigned to the user
*
* @global WP_Roles $wp_roles
* @param object $user
* @return string
*/
private function get_user_caps_str( $user ) {
global $wp_roles;
$output = '';
foreach ($user->caps as $cap => $value) {
if (!$wp_roles->is_role($cap)) {
if ('' != $output) {
$output .= ', ';
}
$output .= $value ? $cap : sprintf(__('Denied: %s'), $cap);
}
}
return $output;
}
// end of get_user_caps_str()
private function user_profile_capabilities($user) {
$current_user_id = get_current_user_id();
$user_caps = $this->get_user_caps_str( $user );
?>
<tr>
<th>
<?php esc_html_e('Capabilities', 'user-role-editor'); ?>
</th>
<td>
<?php
echo $user_caps .'<br/>';
if ($this->lib->user_is_admin( $current_user_id ) ) {
echo '<a href="' . wp_nonce_url("users.php?page=users-".URE_PLUGIN_FILE."&object=user&amp;user_id={$user->ID}", "ure_user_{$user->ID}") . '">' .
esc_html__('Edit', 'user-role-editor') . '</a>';
}
?>
</td>
</tr>
<?php
}
// end of user_profile_capabilities()
private function display($user, $context) {
?>
<table class="form-table">
<tr>
<th scope="row"><?php esc_html_e('Other Roles', 'user-role-editor'); ?></th>
<td>
<?php
$this->roles_select_html($user, $context);
?>
</td>
</tr>
<?php
if ($context=='user-edit') {
$this->user_profile_capabilities($user);
}
?>
</table>
<?php
}
// end of display()
private function is_user_profile_extention_allowed() {
// Check if we are not at the network admin center
$result = stripos($_SERVER['REQUEST_URI'], 'network/user-edit.php') == false;
return $result;
}
// end of is_user_profile_extention_allowed()
/**
* Add URE stuff to the edit user profile page
*
* @param object $user
* @return void
*/
public function edit_user_profile_html($user) {
if (!$this->is_user_profile_extention_allowed()) {
return;
}
$show = apply_filters('ure_show_additional_capabilities_section', true);
if (empty($show)) {
return;
}
if ( !current_user_can('promote_users') ) {
return; // No permissions to promote users
}
?>
<h3><?php esc_html_e('Additional Capabilities', 'user-role-editor'); ?></h3>
<?php
$this->display($user, 'user-edit');
}
// end of edit_user_profile_html()
public function user_new_form( $context ) {
$show = apply_filters('ure_show_additional_capabilities_section', true);
if (empty($show)) {
return;
}
if ( !current_user_can('promote_users') ) {
return; // No permissions to promote users
}
$user = new WP_User();
$this->display( $user, $context );
}
// end of user_new_form()
/*
* Save additional user roles when user profile is updated, as WordPress itself doesn't know about them
* Returns different numbers for automatic testing purpose
*/
public function update( $user_id ) {
if ( !current_user_can('promote_users') ) {
return -1; // No permissions to promote users
}
if ( !current_user_can('edit_user', $user_id) ) {
return -1; // No permissions to edit this user
}
if ( !isset( $_POST['ure_other_roles'] ) ) {
return 3; // Add default other roles, there is no related data at the POST
}
if ( empty( $_POST['ure_other_roles'] ) ) {
return 1; // There is no need in processing of other roles. User did not select them
}
$user = get_userdata( $user_id );
$data = explode(',', str_replace(' ', '', $_POST['ure_other_roles'] ) );
$editable_roles = get_editable_roles();
$ure_other_roles = array();
foreach( $data as $role_id ) {
if ( empty( $role_id ) ) {
continue;
}
if ( !isset( $editable_roles[ $role_id ] ) ) {
return -2; // If the role isn't editable by the current user, stop processing - no permission to assign this role.
}
if ( is_array( $user->roles ) && !in_array( $role_id, $user->roles ) ) {
$ure_other_roles[] = $role_id;
}
}
foreach( $ure_other_roles as $role ) {
$user->add_role( $role );
}
return 2;
}
// end of update()
public function add_default_other_roles( $user_id ) {
if ( empty( $user_id ) ) {
return false;
}
$user = get_user_by('id', $user_id );
if ( empty( $user->ID ) ) {
return true;
}
// Get default roles if any
$other_default_roles = $this->lib->get_option('other_default_roles', array() );
if ( count( $other_default_roles ) == 0 ) {
return true;
}
foreach ( $other_default_roles as $role ) {
if ( !isset( $user->caps[$role] ) ) {
$user->add_role( $role );
}
}
}
// end of add_default_other_roles()
public function add_other_roles( $user_id ) {
if ( empty( $user_id ) ) {
return false;
}
$result = $this->update( $user_id );
if ( $result==3 ) { // Other roles were not selected manually
$this->add_default_other_roles( $user_id );
}
}
// end of add_other_roles()
}
// end of URE_User_Other_Roles class

987
wp/wp-content/plugins/user-role-editor/includes/classes/user-role-editor.php Normal file
View File

@@ -0,0 +1,987 @@
<?php
/*
* Main class of User Role Editor WordPress plugin
* Author: Vladimir Garagulya
* Author email: support@role-editor.com
* Author URI: https://www.role-editor.com
* License: GPL v2+
*
*/
class User_Role_Editor {
protected static $instance = null; // object exemplar reference
// plugin specific library object: common code stuff, including options data processor
protected $lib = null;
// work with user multiple roles class
protected $user_other_roles = null;
// plugin's Settings page reference, we've got it from add_options_pages() call
protected $settings_page_hook = null;
// URE's key capability
public $key_capability = 'not allowed';
protected $main_page_hook_suffix = null;
protected $settings_hook_suffix = null;
// URE pages hook suffixes
protected $ure_hook_suffixes = null;
public static function get_instance() {
if ( self::$instance===null ) {
self::$instance = new User_Role_Editor();
}
return self::$instance;
}
// end of get_instance()
/**
* Prevent cloning of a *Singleton* instance
*
* @return void
*/
public function __clone() {
throw new \Exception('Do not clone a singleton instance.');
}
// end of __clone()
/**
* Prevent unserializing of a *Singleton* instance.
*
* @return void
*/
public function __wakeup() {
throw new \Exception('Do not unserialize a singleton instance.');
}
// end of __wakeup()
/**
* class constructor
*/
protected function __construct() {
if (empty($this->lib)) {
$this->lib = URE_Lib::get_instance('user_role_editor');
}
$this->user_other_roles = new URE_User_Other_Roles();
if ($this->lib->is_pro()) {
$this->main_page_hook_suffix = 'users_page_users-user-role-editor-pro';
$this->settings_hook_suffix = 'settings_page_settings-user-role-editor-pro';
} else {
$this->main_page_hook_suffix = 'users_page_users-user-role-editor';
$this->settings_hook_suffix = 'settings_page_settings-user-role-editor';
}
$this->ure_hook_suffixes = array($this->settings_hook_suffix, $this->main_page_hook_suffix);
// Activation action
register_activation_hook( URE_PLUGIN_FULL_PATH, array($this, 'setup') );
// Deactivation action
register_deactivation_hook( URE_PLUGIN_FULL_PATH, array($this, 'cleanup') );
// Who can use this plugin
$this->key_capability = URE_Own_Capabilities::get_key_capability();
// Process URE's internal tasks queue
$task_queue = URE_Task_Queue::get_instance();
$task_queue->process();
$this->set_hooks();
}
// end of __construct()
private function set_hooks() {
$multisite = $this->lib->get('multisite');
if ($multisite) {
// new blog may be registered not at admin back-end only but automatically after new user registration, e.g.
// Gravity Forms User Registration Addon does
add_action( 'wp_initialize_site', array($this, 'duplicate_roles_for_new_blog'), 99, 1);
}
// setup additional options hooks for the roles
add_action('init', array($this, 'set_role_additional_options_hooks'), 9);
if (!is_admin()) {
return;
}
add_action( 'admin_init', array($this, 'plugin_init'), 1 );
// Add the translation function after the plugins loaded hook.
add_action('plugins_loaded', array($this, 'load_translation'));
// add own submenu
add_action('admin_menu', array($this, 'plugin_menu'));
if ( $multisite ) {
// add own submenu
add_action( 'network_admin_menu', array($this, 'network_plugin_menu') );
}
// add a Settings link in the installed plugins page
add_filter('plugin_action_links_'. URE_PLUGIN_BASE_NAME, array($this, 'plugin_action_links'), 10, 1);
add_filter('plugin_row_meta', array($this, 'plugin_row_meta'), 10, 2);
}
// end of set_hooks()
/**
* True - if it's an instance of Pro version, false - for free version
* @return boolean
*/
public function is_pro() {
return $this->lib->is_pro();
}
// end of is_pro()
public function load_users_page() {
add_action('restrict_manage_users', array($this, 'show_move_users_from_no_role_button'));
add_action('admin_head', array($this, 'add_css_to_users_page'));
add_action('admin_footer', array($this, 'add_js_to_users_page'));
}
// end of load_users_page()
/**
* Plugin initialization
*
*/
public function plugin_init() {
global $pagenow;
$user_id = get_current_user_id();
$supress_protection = apply_filters('ure_supress_administrators_protection', false);
// these filters and actions should prevent editing users with administrator role
// by other users with 'edit_users' capability
if (!$supress_protection && !$this->lib->user_is_admin($user_id)) {
new URE_Protect_Admin();
}
add_action('admin_enqueue_scripts', array($this, 'admin_load_js'));
add_action('user_row_actions', array($this, 'user_row'), 10, 2);
add_filter('all_plugins', array($this, 'exclude_from_plugins_list'));
$multisite = $this->lib->get('multisite');
if ($multisite) {
$allow_edit_users_to_not_super_admin = $this->lib->get_option('allow_edit_users_to_not_super_admin', 0);
if ($allow_edit_users_to_not_super_admin) {
// Make this as late as possible, to overwrite settings made by other plugins, like WooCommerce
add_filter('map_meta_cap', array($this, 'restore_users_edit_caps'), 99, 4);
remove_all_filters('enable_edit_any_user_configuration');
add_filter('enable_edit_any_user_configuration', '__return_true');
// make this as early as you can, to not provide superadmin privilege when it's not needed
add_action('admin_head', array($this, 'edit_user_permission_check'), 1);
if ($pagenow == 'user-new.php') {
add_filter('site_option_site_admins', array($this, 'allow_add_user_as_superadmin'));
}
}
if ( $pagenow=='site-users.php' ) {
// Try to execute before any other function linked to this filter
add_filter('editable_roles', array($this, 'fix_network_admin_roles_dropdown'), 9 );
}
} else {
$count_users_without_role = $this->lib->get_option('count_users_without_role', 0);
if ($count_users_without_role) {
add_action( 'load-users.php', array($this, 'load_users_page') );
}
}
$bulk_grant_roles = apply_filters('ure_bulk_grant_roles', true);
if ($bulk_grant_roles) {
new URE_Grant_Roles();
}
add_action('wp_ajax_ure_ajax', array($this, 'ure_ajax'));
add_action('editable_roles', array( $this, 'translate_custom_roles' ), 10, 1 );
// Input parameter $roles_sorting_order = false by default
// Acceptable values:
// true - sort by role ID (for backward compatibility),
// 'id' - sort roles by role ID,
// 'name' - sort roles by role name.
$roles_sorting_order = apply_filters( 'ure_sort_wp_roles_list', false);
if ( !empty( $roles_sorting_order ) ) {
$this->lib->set('roles_sorting_order', $roles_sorting_order );
add_filter('editable_roles', array( $this, 'sort_wp_roles_list' ), 11, 1 );
}
}
// end of plugin_init()
/**
* Allow non-superadmin user to add/create users to the site as superadmin does.
* Include current user to the list of superadmins - for the user-new.php page only, and
* if user really can create_users and promote_users
* @global string $pagenow
* @param array $site_admins
* @return array
*/
public function allow_add_user_as_superadmin($site_admins) {
global $pagenow;
$this->lib->set_raised_permissions(false);
if ($pagenow!=='user-new.php') {
return $site_admins;
}
// Check if current user really can create and promote users
remove_filter('site_option_site_admins', array($this, 'allow_add_user_as_superadmin'));
$can_add_user = current_user_can('create_users') && current_user_can('promote_users');
add_filter('site_option_site_admins', array($this, 'allow_add_user_as_superadmin'));
if (!$can_add_user) {
return $site_admins; // no help in this case
}
$current_user = wp_get_current_user();
if (!in_array($current_user->user_login, $site_admins)) {
$this->lib->set_raised_permissions(true);
$site_admins[] = $current_user->user_login;
}
return $site_admins;
}
// end of allow_add_user_as_superadmin()
public function show_move_users_from_no_role_button() {
if ( !current_user_can( 'promote_users' ) ) {
return;
}
$assign_role = $this->lib->get_assign_role();
$assign_role->show_html();
}
// end of move_users_from_no_role()
public function add_css_to_users_page() {
wp_enqueue_style( 'wp-jquery-ui-dialog' );
wp_enqueue_style( 'ure-admin', URE_PLUGIN_URL . 'css/ure-admin.css', array(), URE_VERSION, 'screen' );
}
// end of add_css_to_users_page()
public function add_js_to_users_page() {
wp_enqueue_script('jquery-ui-dialog', '', array('jquery-ui-core','jquery-ui-button', 'jquery'), false, true );
wp_register_script( 'ure-users', plugins_url( '/js/users.js', URE_PLUGIN_FULL_PATH ), array(), URE_VERSION, true );
wp_enqueue_script ( 'ure-users' );
wp_localize_script( 'ure-users', 'ure_users_data', array(
'wp_nonce' => wp_create_nonce('user-role-editor'),
'move_from_no_role_title' => esc_html__('Change role for users without role', 'user-role-editor'),
'to' => esc_html__('To:', 'user-role-editor'),
'no_rights_caption' => esc_html__('No rights', 'user-role-editor'),
'provide_new_role_caption' => esc_html__('Provide new role', 'user-role-editor')
));
}
// end of add_js_to_users_page()
/**
* restore edit_users, delete_users, create_users capabilities for non-superadmin users under multisite
* (code is provided by http://wordpress.org/support/profile/sjobidoo)
*
* @param type $caps
* @param type $cap
* @param type $user_id
* @param type $args
* @return type
*/
public function restore_users_edit_caps($caps, $cap, $user_id, $args) {
foreach ($caps as $key => $capability) {
if ($capability != 'do_not_allow')
continue;
switch ($cap) {
case 'edit_user':
case 'edit_users':
$caps[$key] = 'edit_users';
break;
case 'delete_user':
case 'delete_users':
$caps[$key] = 'delete_users';
break;
case 'create_users':
$caps[$key] = $cap;
break;
}
}
return $caps;
}
// end of restore_user_edit_caps()
/**
* Checks that both the editing user and the user being edited are
* members of the blog and prevents the super admin being edited.
* (code is provided by http://wordpress.org/support/profile/sjobidoo)
*
*/
public function edit_user_permission_check() {
global $profileuser;
$current_user_id = get_current_user_id();
if ($current_user_id===0) {
return;
}
if ($this->lib->is_super_admin()) { // Superadmin may do all
return;
}
$screen = get_current_screen();
if (empty($screen)) {
return;
}
if ($screen->base !== 'user-edit' && $screen->base !== 'user-edit-network') {
return;
}
if ( !isset( $profileuser->ID ) ) {
return;
}
$current_blog_id = get_current_blog_id();
// editing a user profile: it's correct to call is_super_admin() directly here, as permissions are raised for the $current_user only
if ( !$this->lib->is_super_admin( $current_user_id ) && is_super_admin( $profileuser->ID ) ) { // trying to edit a superadmin while himself is less than a superadmin
wp_die( esc_html__('You do not have permission to edit this user.', 'user-role-editor') );
} elseif ( !( is_user_member_of_blog( $profileuser->ID, $current_blog_id ) && is_user_member_of_blog( $current_user_id, $current_blog_id ) ) ) { // editing user and edited user aren't members of the same blog
wp_die( esc_html__('You do not have permission to edit this user.', 'user-role-editor') );
}
}
// end of edit_user_permission_check()
/**
* Add/hide edit actions for every user row at the users list
*
* @global type $pagenow
* @param string $actions
* @param type $user
* @return string
*/
public function user_row($actions, $user) {
global $pagenow;
if ($pagenow!=='users.php') {
return $actions;
}
$current_user = wp_get_current_user();
if ($current_user->has_cap($this->key_capability)) {
$actions['capabilities'] = '<a href="' .
wp_nonce_url("users.php?page=users-" . URE_PLUGIN_FILE . "&object=user&amp;user_id={$user->ID}", "ure_user_{$user->ID}") .
'">' . esc_html__('Capabilities', 'user-role-editor') . '</a>';
}
return $actions;
}
// end of user_row()
/**
* Every time when new blog is created - duplicate for it the roles from the main blog
* @global wpdb $wpdb
* @global WP_Roles $wp_roles
* @param WP_Site $site
* @param int $user_id
*
*/
public function duplicate_roles_for_new_blog( $site ) {
global $wpdb, $wp_roles;
// get Id of 1st (main) blog
$main_blog_id = $this->lib->get_main_blog_id();
if ( empty( $main_blog_id ) ) {
return;
}
$current_blog = $wpdb->blogid;
if ( $current_blog!=$main_blog_id ) {
switch_to_blog( $main_blog_id );
}
$main_roles = new WP_Roles(); // Get roles from primary blog
$default_role = get_option( 'default_role' ); // get default role from primary blog
$addons_data = apply_filters( 'ure_get_addons_data_for_new_blog', array() ); // Load addons data to replicate later for the new site - for internal use in a Pro version
$blog_id = $site->blog_id;
switch_to_blog( $blog_id ); // switch to the new created blog
$main_roles->use_db = false; // do not touch DB
$main_roles->add_cap( 'administrator', 'dummy_123456' ); // just to save current roles into new blog
$main_roles->role_key = $wp_roles->role_key;
$main_roles->use_db = true; // save roles into new blog DB
$main_roles->remove_cap( 'administrator', 'dummy_123456' ); // remove unneeded dummy capability
update_option( 'default_role', $default_role ); // set default role for new blog as it set for primary one
if ( !empty($addons_data) ) {
do_action('ure_set_addons_data_for_new_blog', $blog_id, $addons_data); // save addons data from the main site/blog to the new site/blog - for internal use in a Pro version
}
switch_to_blog( $current_blog ); // return to blog where we were at the begin
}
// end of duplicate_roles_for_new_blog()
/**
* Filter out URE plugin from not admin users to prevent its not authorized deactivation
* @param type array $plugins plugins list
* @return type array $plugins updated plugins list
*/
public function exclude_from_plugins_list($plugins) {
$multisite = $this->lib->get('multisite');
// if multi-site, then allow plugin activation for network superadmins and, if that's specially defined, - for single site administrators too
if ($multisite) {
if ($this->lib->is_super_admin() || $this->lib->user_is_admin()) {
return $plugins;
}
} else {
// is_super_admin() defines superadmin for not multisite as user who can 'delete_users' which I don't like.
// So let's check if user has 'administrator' role better.
if (current_user_can('administrator') || $this->lib->user_is_admin()) {
return $plugins;
}
}
// exclude URE from plugins list
$key = basename(URE_PLUGIN_DIR) . '/' . URE_PLUGIN_FILE;
unset($plugins[$key]);
return $plugins;
}
// end of exclude_from_plugins_list()
/**
* Load plugin translation files - linked to the 'plugins_loaded' action
*
*/
function load_translation() {
load_plugin_textdomain('user-role-editor', false, dirname( plugin_basename( URE_PLUGIN_FULL_PATH ) ) .'/lang');
if ( function_exists('pll_register_string') ) {
// Integration with PolyLang plugin (https://wordpress.org/plugins/polylang/)
$all_roles = wp_roles()->roles;
foreach( $all_roles as $role_id=>$role ) {
if ( !$this->lib->is_wp_built_in_role( $role_id ) ) {
pll_register_string( $role_id, $role['name'], 'user-role-editor' );
}
}
}
}
// end of ure_load_translation()
/**
* Modify plugin action links
*
* @param array $links
* @return array
*/
public function plugin_action_links($links) {
$single_site_settings_link = '<a href="options-general.php?page=settings-' . URE_PLUGIN_FILE . '">' . esc_html__('Settings', 'user-role-editor') .'</a>';
$multisite = $this->lib->get('multisite');
if (!$multisite ) {
$settings_link = $single_site_settings_link;
} else {
$ure = basename(URE_PLUGIN_DIR) . '/' . URE_PLUGIN_FILE;
$active_for_network = is_plugin_active_for_network($ure);
if (!$active_for_network) {
$settings_link = $single_site_settings_link;
} else {
if (!current_user_can('manage_network_plugins')) {
return $links;
}
$settings_link = '<a href="'. network_admin_url() .'settings.php?page=settings-'. URE_PLUGIN_FILE .'">'. esc_html__('Settings', 'user-role-editor') .'</a>';
}
}
array_unshift($links, $settings_link);
return $links;
}
// end of plugin_action_links()
public function plugin_row_meta($links, $file) {
if ($file == plugin_basename(dirname(URE_PLUGIN_FULL_PATH) .'/'.URE_PLUGIN_FILE)) {
$links[] = '<a target="_blank" href="https://www.role-editor.com/changelog">' . esc_html__('Changelog', 'user-role-editor') . '</a>';
}
return $links;
}
// end of plugin_row_meta
public function settings_screen_configure() {
$multisite = $this->lib->get('multisite');
$settings_page_hook = $this->settings_page_hook;
if ($multisite) {
$settings_page_hook .= '-network';
}
$screen = get_current_screen();
// Check if current screen is URE's settings page
if ($screen->id != $settings_page_hook) {
return;
}
$screen_help = new Ure_Screen_Help();
$screen->add_help_tab( array(
'id' => 'general',
'title' => esc_html__('General', 'user-role-editor'),
'content' => $screen_help->get_settings_help('general')
));
if ($this->lib->is_pro() || !$multisite) {
$screen->add_help_tab( array(
'id' => 'additional_modules',
'title' => esc_html__('Additional Modules', 'user-role-editor'),
'content' => $screen_help->get_settings_help('additional_modules')
));
}
$screen->add_help_tab( array(
'id' => 'default_roles',
'title' => esc_html__('Default Roles', 'user-role-editor'),
'content' => $screen_help->get_settings_help('default_roles')
));
if ($multisite) {
$screen->add_help_tab( array(
'id' => 'multisite',
'title' => esc_html__('Multisite', 'user-role-editor'),
'content' => $screen_help->get_settings_help('multisite')
));
}
}
// end of settings_screen_configure()
public function plugin_menu() {
if (function_exists('add_submenu_page')) {
$ure_page = add_submenu_page(
'users.php',
esc_html__('User Role Editor', 'user-role-editor'),
esc_html__('User Role Editor', 'user-role-editor'),
'ure_edit_roles',
'users-' . URE_PLUGIN_FILE,
array($this, 'edit_roles'));
add_action("admin_print_styles-$ure_page", array($this, 'admin_css_action'));
}
$multisite = $this->lib->get('multisite');
$active_for_network = $this->lib->get('active_for_network');
if ( !$multisite || ($multisite && !$active_for_network) ) {
$settings_capability = URE_Own_Capabilities::get_settings_capability();
$this->settings_page_hook = add_options_page(
esc_html__('User Role Editor', 'user-role-editor'),
esc_html__('User Role Editor', 'user-role-editor'),
$settings_capability,
'settings-' . URE_PLUGIN_FILE,
array($this, 'settings'));
add_action( 'load-'.$this->settings_page_hook, array($this,'settings_screen_configure') );
add_action("admin_print_styles-{$this->settings_page_hook}", array($this, 'settings_css_action'));
}
}
// end of plugin_menu()
public function network_plugin_menu() {
if (is_multisite()) {
$this->settings_page_hook = add_submenu_page(
'settings.php',
esc_html__('User Role Editor', 'user-role-editor'),
esc_html__('User Role Editor', 'user-role-editor'),
$this->key_capability,
'settings-' . URE_PLUGIN_FILE,
array(&$this, 'settings'));
add_action( 'load-'.$this->settings_page_hook, array($this,'settings_screen_configure') );
add_action("admin_print_styles-{$this->settings_page_hook}", array($this, 'settings_css_action'));
}
}
// end of network_plugin_menu()
public function settings() {
$settings_capability = URE_Own_Capabilities::get_settings_capability();
if (!current_user_can($settings_capability)) {
wp_die(esc_html__( 'You do not have sufficient permissions to manage options for User Role Editor.', 'user-role-editor' ));
}
URE_Settings::show();
}
// end of settings()
public function admin_css_action() {
wp_enqueue_style('wp-jquery-ui-selectable');
wp_enqueue_style('ure-jquery-ui-general', URE_PLUGIN_URL . 'css/jquery-ui.min.css', array(), URE_VERSION, 'screen');
wp_enqueue_style('ure-admin', URE_PLUGIN_URL . 'css/ure-admin.css', array(), URE_VERSION, 'screen');
}
// end of admin_css_action()
public function settings_css_action() {
wp_enqueue_style('ure-jquery-ui-tabs', URE_PLUGIN_URL . 'css/jquery-ui.min.css', array(), URE_VERSION, 'screen');
wp_enqueue_style('ure-admin', URE_PLUGIN_URL . 'css/ure-admin.css', array(), URE_VERSION, 'screen');
}
// end of admin_css_action()
// call roles editor page
public function edit_roles() {
if (!current_user_can('ure_edit_roles')) {
wp_die(esc_html__('Insufficient permissions to work with User Role Editor', 'user-role-editor'));
}
$editor = URE_Editor::get_instance();
$editor->show();
}
// end of edit_roles()
/**
* Create backup record for the WordPress user roles
* Run once on URE activation
*
* @global wpdb $wpdb
* @global WP_Roles $wp_roles
* @return type
*/
protected function backup_wp_roles() {
global $wpdb;
$site_id = get_current_blog_id();
$backup_roles_key = $wpdb->get_blog_prefix($site_id) .'backup_user_roles';
// check if backup user roles record exists already
$result = get_option($backup_roles_key, false);
if (!empty($result)) {
return;
}
$wp_roles = wp_roles();
update_option($backup_roles_key, $wp_roles->roles, false);
}
// end of backup_wp_roles()
/**
* execute on plugin activation
*/
function setup() {
$this->backup_wp_roles();
URE_Own_Capabilities::init_caps();
$task_queue = URE_Task_Queue::get_instance();
$task_queue->add('on_activation');
}
// end of setup()
protected function get_ure_page_url() {
$page_url = admin_url() . URE_PARENT . '?page=users-' . URE_PLUGIN_FILE;
$object = $this->lib->get_request_var('object', 'get');
$user_id = (int) $this->lib->get_request_var('user_id', 'get', 'int');
if ($object=='user' && $user_id>0) {
$page_url .= '&object=user&user_id='. $user_id;
}
return $page_url;
}
// end of get_ure_page_url()
protected function load_main_page_js() {
$confirm_role_update = $this->lib->get_option('ure_confirm_role_update', 1);
$page_url = $this->get_ure_page_url();
$multisite = $this->lib->get('multisite');
if ( !( $multisite && $this->lib->is_super_admin() ) ) {
$do_not_revoke_from_admin = true;
} else {
// do not limit SuperAdmin for multi-site
$do_not_revoke_from_admin = false;
}
wp_enqueue_script('jquery-ui-dialog', '', array('jquery-ui-core', 'jquery-ui-button', 'jquery'), false, true );
wp_enqueue_script('jquery-ui-selectable', '', array('jquery-ui-core', 'jquery'), false, true );
wp_enqueue_script('notifyjs', plugins_url('/js/notify.min.js', URE_PLUGIN_FULL_PATH ), array(), URE_VERSION, true );
wp_register_script('ure', plugins_url('/js/ure.js', URE_PLUGIN_FULL_PATH ), array(), URE_VERSION, true );
wp_enqueue_script('ure');
wp_localize_script('ure', 'ure_data', array(
'wp_nonce' => wp_create_nonce('user-role-editor'),
'network_admin' => is_network_admin() ? 1 : 0,
'page_url' => $page_url,
'is_multisite' => is_multisite() ? 1 : 0,
'do_not_revoke_from_admin' => $do_not_revoke_from_admin ? 1 : 0,
'confirm_role_update' => $confirm_role_update ? 1 : 0,
'confirm_title' => esc_html__('Confirm', 'user-role-editor'),
'yes_label' => esc_html__('Yes', 'user-role-editor'),
'no_label' => esc_html__('No', 'user-role-editor'),
'update' => esc_html__('Update', 'user-role-editor'),
'confirm_submit' => esc_html__('Please confirm permissions update', 'user-role-editor'),
'add_new_role_title' => esc_html__('Add New Role', 'user-role-editor'),
'rename_role_title' => esc_html__('Rename Role', 'user-role-editor'),
'role_name_required' => esc_html__(' Role name (ID) can not be empty!', 'user-role-editor'),
'role_name_valid_chars' => esc_html__(' Role name (ID) must contain latin characters, digits, hyphens or underscore only!', 'user-role-editor'),
'numeric_role_name_prohibited' => esc_html__(' WordPress does not support numeric Role name (ID). Add latin characters to it.', 'user-role-editor'),
'add_role' => esc_html__('Add Role', 'user-role-editor'),
'rename_role' => esc_html__('Rename Role', 'user-role-editor'),
'delete_role' => esc_html__('Delete Role', 'user-role-editor'),
'cancel' => esc_html__('Cancel', 'user-role-editor'),
'add_capability' => esc_html__('Add Capability', 'user-role-editor'),
'delete_capability' => esc_html__('Delete Capability', 'user-role-editor'),
'default_role' => esc_html__('Default Role', 'user-role-editor'),
'set_new_default_role' => esc_html__('Set New Default Role', 'user-role-editor'),
'delete_capability' => esc_html__('Delete Capability', 'user-role-editor'),
'delete_capability_warning' => esc_html__('Warning! Be careful - removing critical capability could crash some plugin or other custom code', 'user-role-editor'),
'capability_name_required' => esc_html__(' Capability name (ID) can not be empty!', 'user-role-editor'),
'capability_name_valid_chars' => esc_html__(' Capability name (ID) must contain latin characters, digits, hyphens or underscore only!', 'user-role-editor'),
));
// load additional JS stuff for Pro version, if exists
do_action('ure_load_js');
}
// end of load_main_page_js()
protected function load_settings_js() {
$page_url = $this->get_ure_page_url();
wp_enqueue_script('jquery-ui-tabs', '', array('jquery-ui-core', 'jquery'), false, true );
wp_enqueue_script('jquery-ui-dialog', '', array('jquery-ui-core', 'jquery'), false, true );
wp_enqueue_script('jquery-ui-button', '', array('jquery-ui-core', 'jquery'), false, true );
wp_register_script('ure-settings', plugins_url('/js/settings.js', URE_PLUGIN_FULL_PATH ), array(), URE_VERSION, true );
wp_enqueue_script('ure-settings');
wp_localize_script('ure-settings', 'ure_data', array(
'wp_nonce' => wp_create_nonce('user-role-editor'),
'network_admin' => is_network_admin() ? 1 : 0,
'page_url' => $page_url,
'is_multisite' => is_multisite() ? 1 : 0,
'confirm_title' => esc_html__('Confirm', 'user-role-editor'),
'yes_label' => esc_html__('Yes', 'user-role-editor'),
'no_label' => esc_html__('No', 'user-role-editor'),
'reset' => esc_html__('Reset', 'user-role-editor'),
'reset_warning' => '<span style="color: red;">'. esc_html__('DANGER!', 'user-role-editor') .'</span>'.
esc_html__(' Resetting will restore default user roles and capabilities from WordPress core.', 'user-role-editor') .'<br><br>'.
esc_html__('If any plugins (such as WooCommerce, S2Member and many others) have changed user roles and capabilities during installation, all those changes will be LOST!', 'user-role-editor') .'<br>'.
esc_html__('For more information on how to undo undesired changes and restore plugin capabilities go to', 'user-role-editor') .'<br>'.
'<a href="http://role-editor.com/how-to-restore-deleted-wordpress-user-roles/">http://role-editor.com/how-to-restore-deleted-wordpress-user-roles/</a>' .'<br><br>'.
esc_html__('Continue?', 'user-role-editor'),
'reset_roles_secure_text' => URE_Tools::RESET_ROLES_SECURE_TEXT
));
do_action('ure_load_js_settings');
}
// end of load_settings_js()
/**
* Load plugin javascript stuff
*
* @param string $hook_suffix
*/
public function admin_load_js($hook_suffix) {
URE_Known_JS_CSS_Compatibility_Issues::fix($hook_suffix, $this->ure_hook_suffixes);
if ($hook_suffix==$this->main_page_hook_suffix) {
$this->load_main_page_js();
} elseif($hook_suffix==$this->settings_hook_suffix) {
$this->load_settings_js();
}
}
// end of admin_load_js()
public function ure_ajax() {
$ajax_processor = new URE_Ajax_Processor();
$ajax_processor->dispatch();
}
// end of ure_ajax()
public function set_role_additional_options_hooks() {
$role_additional_options = URE_Role_Additional_Options::get_instance($this->lib);
$role_additional_options->set_active_items_hooks();
}
// end of set_role_additional_options_hooks()
private function sort_roles_by_name( $roles ) {
$role_names = array();
foreach( $roles as $role_id=>$role ) {
$role_names[$role_id] = $role['name'];
}
asort( $role_names );
$roles1 = array();
foreach( $role_names as $role_id=>$role_name ) {
$roles1[$role_id] = $roles[$role_id];
}
return $roles1;
}
// end of sort_roles_by_name()
/**
* Sort roles array alphabetically
* @param array $roles
* @return array
*/
public function sort_wp_roles_list( $roles ) {
$roles_sorting_order = $this->lib->get('roles_sorting_order');
if ( $roles_sorting_order==='id' || $roles_sorting_order===true ) {
// sort by role ID
ksort( $roles );
return $roles;
} else if ( $roles_sorting_order==='name') {
// sort by role name
$roles1 = $this->sort_roles_by_name( $roles );
return $roles1;
} else {
// change nothing
return $roles;
}
// wp-admin/includes/template.php: wp_dropdown_roles() showed roles returned by get_editable_roles() in reversed order, #932:
// $editable_roles = array_reverse( get_editable_roles() );
// so we may need to reverse them 1st, in order they will be reversed back to the ascending order
//$roles = array_reverse( $roles );
return $roles;
}
// end of sort_wp_roles_list()
/** Currently WordPress (tested up to version 5.9.3) shows "Change role to..." drop-down list at Network admin->Sites->selected site->Users with roles filled from the main site,
/* but should use roles list from the selected site. This function replaces roles list with roles from the selected site and
* excludes error messsage "Sorry, you are not allowed to give users that role.", when you try to grant to a user a role which does not exist at the selected site.
*
* @param array $roles
* @return array
*/
public function fix_network_admin_roles_dropdown( $roles ) {
// get selected site ID
$selected_blog_id = isset( $_REQUEST['id'] ) ? intval( $_REQUEST['id'] ) : 0;
if ( !$selected_blog_id ) {
return $roles;
}
$current_blog_id = get_current_blog_id();
if ( $current_blog_id!==$selected_blog_id ) {
switch_to_blog( $selected_blog_id );
}
remove_filter( 'editable_roles', array($this, 'fix_network_admin_roles_dropdown'), 9 );
$roles1 = get_editable_roles();
add_filter( 'editable_roles', array($this, 'fix_network_admin_roles_dropdown'), 9 );
if ( $current_blog_id!==$selected_blog_id ) {
restore_current_blog();
}
return $roles1;
}
// end of fix_network_admin_roles_dropdown()
/*
* Translate user role names, inluding custom roles added by user
*
*/
function translate_custom_roles( $roles ) {
foreach ($roles as $key => $value) {
$translated_name = esc_html__( $value['name'], 'user-role-editor' ); // get translation from URE language file, if exists
if ( $translated_name === $value['name'] ) {
if ( $this->lib->is_wp_built_in_role( $key ) ) {
// get WordPress internal translation
$translated_name = translate_user_role( $translated_name );
} elseif ( function_exists('pll_register_string') ) {
// Integration with PolyLang plugin (https://wordpress.org/plugins/polylang/)
$translated_name = pll__( $translated_name );
}
}
$roles[$key]['name'] = $translated_name;
}
$roles = apply_filters('ure_editable_roles', $roles );
return $roles;
}
// end of translate_custom_roles()
// execute on plugin deactivation
public function cleanup() {
}
// end of cleanup()
// excute on plugin uninstall via WordPress->Plugins->Delete
public static function uninstall() {
$uninstall = new URE_Uninstall;
$uninstall->act();
}
// end of uninstall()
}
// end of User_Role_Editor

210
wp/wp-content/plugins/user-role-editor/includes/classes/user-view.php Normal file
View File

@@ -0,0 +1,210 @@
<?php
/**
* User capabilities View class to output HTML with capabilities assigne to the user
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulya <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2016, Vladimir Garagulya
**/
class URE_User_View extends URE_View {
private $user_to_edit = null;
public function __construct() {
parent::__construct();
$this->user_to_edit = $this->editor->get('user_to_edit');
}
// end of __construct()
public function display_edit_dialogs() {
}
// end of display_edit_dialogs()
/**
* output HTML code to create URE toolbar
*
* @param boolean $role_delete
* @param boolean $capability_remove
*/
public function toolbar() {
?>
<div id="ure_toolbar" >
<div id="ure_update">
<button id="ure_update_role" class="ure_toolbar_button button-primary">Update</button>
<?php
do_action('ure_user_edit_toolbar_update');
?>
</div>
</div>
<?php
}
// end of toolbar()
private function get_user_info() {
$switch_to_user = '';
if (!is_multisite() || current_user_can('manage_network_users')) {
$anchor_start = '<a href="' . wp_nonce_url("user-edit.php?user_id={$this->user_to_edit->ID}", "ure_user_{$this->user_to_edit->ID}") . '" >';
$anchor_end = '</a>';
if (class_exists('user_switching') && current_user_can('switch_to_user', $this->user_to_edit->ID)) {
$switch_to_user_link = user_switching::switch_to_url($this->user_to_edit);
$switch_to_user = '<a href="' . esc_url($switch_to_user_link) . '">' . esc_html__('Switch&nbsp;To', 'user-switching') . '</a>';
}
} else {
$anchor_start = '';
$anchor_end = '';
}
$user_info = ' <span style="font-weight: bold;">' . $anchor_start . $this->user_to_edit->user_login;
if ($this->user_to_edit->display_name !== $this->user_to_edit->user_login) {
$user_info .= ' (' . $this->user_to_edit->display_name . ')';
}
$user_info .= $anchor_end . '</span>';
if (is_multisite() && $this->lib->is_super_admin($this->user_to_edit->ID)) {
$user_info .= ' <span style="font-weight: bold; color:red;">' . esc_html__('Network Super Admin', 'user-role-editor') . '</span>';
}
if (!empty($switch_to_user)) {
$user_info .= '&nbsp;&nbsp;&nbsp;&nbsp;' . $switch_to_user;
}
return $user_info;
}
// end of get_user_info()
public function show_primary_role_dropdown_list($user_roles) {
?>
<select name="primary_role" id="primary_role">
<?php
// Compare user role against currently editable roles
$user_roles = array_intersect( array_values( $user_roles ), array_keys( get_editable_roles() ) );
$user_primary_role = array_shift( $user_roles );
// print the full list of roles with the primary one selected.
wp_dropdown_roles($user_primary_role);
// print the 'no role' option. Make it selected if the user has no role yet.
$selected = ( empty($user_primary_role) ) ? 'selected="selected"' : '';
echo '<option value="" '. $selected.'>' . esc_html__('&mdash; No role for this site &mdash;') . '</option>';
?>
</select>
<?php
}
// end of show_primary_role_dropdown_list()
protected function show_secondary_roles() {
$show_admin_role = $this->lib->show_admin_role_allowed();
$values = array_values($this->user_to_edit->roles);
$primary_role = array_shift($values); // get 1st element from roles array
$roles = $this->editor->get('roles');
foreach ($roles as $role_id => $role) {
if (($show_admin_role || $role_id != 'administrator') && ($role_id !== $primary_role)) {
if ($this->editor->user_can($role_id)) {
$checked = 'checked="checked"';
} else {
$checked = '';
}
echo '<label for="wp_role_' . $role_id . '"><input type="checkbox" id="wp_role_' . $role_id .
'" name="wp_role_' . $role_id . '" value="' . $role_id . '"' . $checked . ' />&nbsp;' .
esc_html__($role['name'], 'user-role-editor') . '</label><br />';
}
}
}
// end of show_secondary_roles()
public function display() {
$caps_readable = $this->editor->get('caps_readable');
$show_deprecated_caps = $this->editor->get('show_deprecated_caps');
$edit_user_caps_mode = $this->editor->get_edit_user_caps_mode();
$caps_access_restrict_for_simple_admin = $this->lib->get_option('caps_access_restrict_for_simple_admin', 0);
$user_info = $this->get_user_info();
$select_primary_role = apply_filters('ure_users_select_primary_role', true);
?>
<div class="postbox" style="float:left;min-width:1000px;width: 100%;">
<div id="ure_user_caps_header">
<span id="ure_user_caps_title"><?php esc_html_e('Change capabilities for user', 'user-role-editor')?></span> <?php echo $user_info;?>
</div>
<div class="inside">
<table cellpadding="0" cellspacing="0" style="width: 100%;">
<tr>
<td>&nbsp;</td>
<td style="padding-left: 10px; padding-bottom: 5px;">
<?php
if ($this->lib->is_super_admin() || !is_multisite() || !class_exists('User_Role_Editor_Pro') || !$caps_access_restrict_for_simple_admin) {
if ($caps_readable) {
$checked = 'checked="checked"';
} else {
$checked = '';
}
?>
<input type="checkbox" name="ure_caps_readable" id="ure_caps_readable" value="1"
<?php echo $checked; ?> onclick="ure_main.turn_caps_readable();" />
<label for="ure_caps_readable"><?php esc_html_e('Show capabilities in human readable form', 'user-role-editor'); ?></label>&nbsp;&nbsp;&nbsp;
<?php
if ($show_deprecated_caps) {
$checked = 'checked="checked"';
} else {
$checked = '';
}
?>
<input type="checkbox" name="ure_show_deprecated_caps" id="ure_show_deprecated_caps" value="1"
<?php echo $checked; ?> onclick="ure_turn_deprecated_caps(<?php echo $this->user_to_edit->ID; ?>);"/>
<label for="ure_show_deprecated_caps"><?php esc_html_e('Show deprecated capabilities', 'user-role-editor'); ?></label>
<?php
}
?>
</td>
</tr>
<tr>
<td id="ure_user_roles">
<?php
if ($select_primary_role || $this->lib->is_super_admin()) {
?>
<div class="ure-user-role-section-title"><?php esc_html_e('Primary Role:', 'user-role-editor'); ?></div>
<?php
$this->show_primary_role_dropdown_list($this->user_to_edit->roles);
}
if (function_exists('bbp_filter_blog_editable_roles') ) { // bbPress plugin is active
?>
<div class="ure-user-role-section-title" style="margin-top: 5px;"><?php esc_html_e('bbPress Role:', 'user-role-editor'); ?></div>
<?php
$dynamic_roles = bbp_get_dynamic_roles();
$bbp_user_role = bbp_get_user_role($this->user_to_edit->ID);
if (!empty($bbp_user_role)) {
echo $dynamic_roles[$bbp_user_role]['name'];
}
}
?>
<div style="margin-top: 5px;margin-bottom: 5px; font-weight: bold;"><?php esc_html_e('Other Roles:', 'user-role-editor'); ?></div>
<?php
$this->show_secondary_roles();
?>
</td>
<td style="padding-left: 5px; padding-top: 5px; border-top: 1px solid #ccc; vertical-align: top;">
<?php $this->display_caps(false, $edit_user_caps_mode ); ?>
</td>
</tr>
</table>
<input type="hidden" name="object" value="user" />
<input type="hidden" name="user_id" value="<?php echo $this->user_to_edit->ID; ?>" />
</div>
</div>
<?php
}
// end of display()
}
// end of class URE_User_View

366
wp/wp-content/plugins/user-role-editor/includes/classes/view.php Normal file
View File

@@ -0,0 +1,366 @@
<?php
/**
* View class to output any HTML used at User Role Editor
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulya <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2016, Vladimir Garagulya
**/
class URE_View {
protected $lib = null;
protected $editor = null;
public function __construct() {
$this->lib = URE_Lib::get_instance();
$this->editor = URE_Editor::get_instance();
}
// end of __construct()
public function display() {}
public function toolbar() {}
/**
* display opening part of the HTML box with title and CSS style
*
* @param string $title
* @param string $style
*/
public function display_box_start($title, $style = '') {
?>
<div class="postbox" style="float: left; <?php echo $style; ?>">
<h3 style="cursor:default;"><span><?php echo $title ?></span></h3>
<div class="inside">
<?php
}
// end of display_box_start()
/**
* close HTML box opened by display_box_start() call
*/
public function display_box_end() {
?>
</div>
</div>
<?php
}
// end of display_box_end()
public function show_caps_groups() {
$groups = URE_Capabilities_Groups_Manager::get_instance();
$groups_list = $groups->get_groups_tree();
$output = '<ul id="ure_caps_groups_list">'. PHP_EOL;
foreach($groups_list as $group_id=>$group) {
if ($group_id=='all') {
$spacer = '';
$subgroup = '';
} else {
$spacer = 'style="padding-left: '. 15*$group['level'] .'px"';
$subgroup = '- ';
}
$output .= '<li id="ure_caps_group_'. $group_id .'" '. $spacer .'>' .
$subgroup . $group['caption'] .'</li>'. PHP_EOL;
}
$output .= '</ul>'. PHP_EOL;
echo $output;
}
// end of show_caps_groups()
private function deprecated_show_and_color($cap_id, $builtin_wp_caps, &$label_style, &$hidden_class) {
if ( isset( $builtin_wp_caps[$cap_id] ) &&
is_array( $builtin_wp_caps[$cap_id] ) &&
in_array('deprecated', $builtin_wp_caps[$cap_id] ) ) {
$show_deprecated_caps = $this->editor->get('show_deprecated_caps');
if (!$show_deprecated_caps) {
$hidden_class = 'hidden';
}
$label_style = 'style="color:#BBBBBB;"';
}
}
// end of deprecated_show_and_color()
private function blocked_for_single_admin_style($cap_id, &$label_style) {
$blocked = false;
$multisite = $this->lib->get('multisite');
if ($multisite && $this->editor->block_cap_for_single_admin($cap_id, true)) {
if ($this->lib->is_super_admin()) {
if (!is_network_admin()) {
$label_style = 'style="color: red;"';
}
} else {
$blocked = true;
}
}
return $blocked;
}
// end of blocked_for_single_admin_style()
// Get full capabilities list and exclude Visual Composer capabilities from it
// Do not take VC capabilities into account as VC stores not boolean values with them
protected function get_full_capabilities() {
$full_caps = $this->editor->get('full_capabilities');
foreach($full_caps as $key=>$capability) {
if (strpos($key, 'vc_access_rules_')!==false) {
unset($full_caps[$key]);
}
}
return $full_caps;
}
// end of get_full_capabilities()
/*
* Output HTML-code for capabilities list
* Used build output for response to AJAX request
* @param boolean $for_role - if true, it is role capabilities list, else - user specific capabilities list
* @param boolean $edit_mode - if false, capabilities checkboxes are shown as disable - readonly mode
*/
public function _show_capabilities( $for_role = true, $edit_mode=true ) {
$onclick_for_admin = '';
$multisite = $this->lib->get( 'multisite' );
$current_role = $this->editor->get( 'current_role' );
$user_to_edit = $this->editor->get( 'user_to_edit' );
$roles = $this->editor->get( 'roles' );
$full_capabilities = $this->get_full_capabilities();
$built_in_wp_caps = $this->lib->get_built_in_wp_caps();
$caps_readable = $this->editor->get( 'caps_readable' );
$caps_groups_manager = URE_Capabilities_Groups_Manager::get_instance();
$key_capability = URE_Own_Capabilities::get_key_capability();
$user_is_ure_admin = current_user_can( $key_capability );
$ure_caps = URE_Own_Capabilities::get_caps();
$output = '';
foreach ($full_capabilities as $capability) {
$cap_id = $capability['inner'];
if (!$user_is_ure_admin) {
if (isset($ure_caps[$cap_id]) ||
($multisite && $cap_id=='manage_network_plugins')) {
// exclude URE caps if user does not have full access to URE
continue;
}
}
$label_style = '';
$hidden_class = '';
$this->deprecated_show_and_color($cap_id, $built_in_wp_caps, $label_style, $hidden_class);
$blocked = $this->blocked_for_single_admin_style($cap_id, $label_style);
$classes = array('ure-cap-div');
if ($blocked) {
$classes[] = 'blocked';
$hidden_class = 'hidden';
}
if ($hidden_class) {
$classes[] = $hidden_class;
}
$cap_groups = $caps_groups_manager->get_cap_groups($cap_id, $built_in_wp_caps);
$classes = ure_array_merge( $classes, $cap_groups );
$checked = '';
$disabled = '';
if ($for_role) {
if (isset($roles[$current_role]['capabilities'][$cap_id]) &&
!empty($roles[$current_role]['capabilities'][$cap_id])) {
$checked = 'checked="checked"';
}
} else {
if (empty($edit_mode)) {
$disabled = 'disabled="disabled"';
} else {
$disabled = '';
}
if ($this->editor->user_can($cap_id)) {
$checked = 'checked="checked"';
if (!isset($user_to_edit->caps[$cap_id])) {
$disabled = 'disabled="disabled"';
}
}
}
$class = 'class="' . implode(' ', $classes) .'"';
$cap_id_esc = URE_Capability::escape($cap_id);
$cap_html = '<div id="ure_cap_div_'. $cap_id_esc .'" '. $class .'><input type="checkbox" name="' . $cap_id_esc . '" id="'.
$cap_id_esc . '" value="' . $cap_id .'" '. $checked . ' ' . $disabled . ' class="ure-cap-cb">';
if ($caps_readable) {
$cap_ind = 'human';
$cap_ind_alt = 'inner';
} else {
$cap_ind = 'inner';
$cap_ind_alt = 'human';
}
$cap_html .= '<label for="' . $cap_id_esc . '" id="' . $cap_id_esc . '_label" title="' . $capability[$cap_ind_alt] . '" ' . $label_style . ' >'.
$capability[$cap_ind] . '</label> </div>';
$output .= $cap_html;
}
return $output;
}
// end of _show_capabilities()
/**
* Output HTML-code for capabilities list
* Used to built full page output for usual HTTP request
* @param boolean $for_role - if true, it is role capabilities list, else - user specific capabilities list
* @param boolean $edit_mode - if false, capabilities checkboxes are shown as disable - readonly mode
*/
public function show_capabilities( $for_role = true, $edit_mode=true ) {
$output = '<div id="ure_caps_list_container">'
. '<div id="ure_caps_list">';
$output .= $this->_show_capabilities( $for_role, $edit_mode );
$output .= '</div></div>' ;
echo $output;
}
// end of show_capabilities()
// content of User Role Editor Pro advertisement slot - for direct call
public function advertise_pro() {
?>
<div id="ure_pro_advertisement" style="clear:left;display:block; float: left;">
<a href="https://www.role-editor.com?utm_source=UserRoleEditor&utm_medium=banner&utm_campaign=Plugins " target="_new" >
<?php
$hide_pro_banner = $this->lib->get_option('ure_hide_pro_banner', 0);
if ($hide_pro_banner) {
echo 'User Role Editor Pro: extended functionality, no advertisement - from $29.</a>';
} else {
?>
<img src="<?php echo URE_PLUGIN_URL; ?>images/user-role-editor-pro-728x90.jpg" alt="User Role Editor Pro"
title="More functionality and premium support with Pro version of User Role Editor."/>
</a><br />
<label for="ure_hide_pro_banner">
<input type="checkbox" name="ure_hide_pro_banner" id="ure_hide_pro_banner" onclick="ure_main.hide_pro_banner();"/>&nbsp;Thanks, hide this banner.
</label>
<?php
}
?>
</div>
<?php
}
// end of advertise_pro_version()
public function advertise_commercials() {
require_once(URE_PLUGIN_DIR . 'includes/classes/advertisement.php');
$this->advert = new URE_Advertisement();
$this->advert->display();
}
// end of advertisement()
public static function output_confirmation_dialog() {
?>
<div id="ure_confirmation_dialog" class="ure-modal-dialog">
<div id="ure_cd_html" style="padding:10px;"></div>
</div>
<?php
}
// end of output_confirmation_dialog()
public static function output_task_status_div() {
?>
<div id="ure_task_status" style="display:none;position:absolute;top:10px;right:10px;padding:10px;background-color:#000000;color:#ffffff;">
<img src="<?php echo URE_PLUGIN_URL .'images/ajax-loader.gif';?>" width="16" height="16"/> <?php esc_html_e('Working...','user-role-editor');?>
</div>
<?php
}
// end of output task_status_div()
private function show_select_all() {
$multisite = $this->lib->get('multisite');
$current_role = $this->editor->get('current_role');
$show = true;
if ($multisite) {
if ($current_role=='administrator' && !$this->lib->is_super_admin()) {
$show = false;
}
} elseif ($current_role=='administrator') {
$show = false;
}
return $show;
}
// end of show_select_all()
public function display_caps($for_role = true, $edit_mode=true) {
$caps_columns_quant = $this->editor->get('caps_columns_quant');
?>
<table id="ure_caps_container" cellpadding="0" cellspacing="0">
<tr>
<td id="ure_caps_groups_title"><span style="font-weight: bold;"><?php esc_html_e('Group', 'user-role-editor');?></span> (<?php esc_html_e('Total', 'user-role-editor');?>/<?php esc_html_e('Granted', 'user-role-editor');?>)</td>
<td id="ure_caps_select">
<div class="ure-table">
<?php
if ($this->show_select_all()) {
?>
<div class="ure-table-cell">
<input type="checkbox" id="ure_select_all_caps" name="ure_select_all_caps" value="ure_select_all_caps"/>
</div>
<?php
}
?>
<div class="ure-table-cell ure-caps-option nowrap">
<?php esc_html_e('Quick filter:', 'user-role-editor'); ?>&nbsp;
<input type="text" id="quick_filter" name="quick_filter" value="" size="10" onkeyup="ure_main.filter_capabilities(this.value);" />&nbsp;&nbsp;&nbsp;
<input type="checkbox" id="granted_only" name="granted_only" />
<label for="granted_only"><?php esc_html_e('Granted Only', 'user-role-editor'); ?></label>&nbsp;
</div>
<div class="ure-table-cell ure-caps-option nowrap">
<?php esc_html_e('Columns:', 'user-role-editor');?>
<select id="caps_columns_quant" name="caps_columns_quant" onchange="ure_main.change_caps_columns_quant();">
<option value="1" <?php selected(1, $caps_columns_quant);?> >1</option>
<option value="2" <?php selected(2, $caps_columns_quant);?> >2</option>
<option value="3" <?php selected(3, $caps_columns_quant);?> >3</option>
</select>
</div>
</div>
</td>
<td id="ure_toolbar_title">&nbsp;</td>
</tr>
<tr>
<td id="ure_caps_groups_td" class="ure-caps-cell">
<?php $this->show_caps_groups(); ?>
</td>
<td id="ure_caps_td" class="ure-caps-cell">
<?php $this->show_capabilities($for_role, $edit_mode); ?>
</td>
<td id="ure_toolbar_td" class="ure-caps-cell">
<?php $this->toolbar(); ?>
</td>
</tr>
</table>
<?php
}
// end of display_caps()
}
// end of class URE_View

125
wp/wp-content/plugins/user-role-editor/includes/classes/woocommerce-capabilities.php Normal file
View File

@@ -0,0 +1,125 @@
<?php
/**
* Class to provide the list of WooCommerce plugin user capabilities
*
* @package User-Role-Editor
* @subpackage Admin
* @author Vladimir Garagulya <support@role-editor.com>
* @copyright Copyright (c) 2010 - 2016, Vladimir Garagulya
**/
class URE_Woocommerce_Capabilities {
public static $post_types = array('product', 'shop_order', 'shop_coupon', 'shop_webhook', 'product_variation', 'shop_order_refund');
private static $capability_types = array('product', 'shop_order', 'shop_coupon', 'shop_webhook');
public static function add_group_to_caps(&$caps, $post_type, $group) {
$post_types = $post_type .'s';
$caps['edit_'. $post_types][] = $group;
$caps['edit_others_'. $post_types][] = $group;
$caps['publish_'. $post_types][] = $group;
$caps['read_private_'. $post_types][] = $group;
$caps['delete_'. $post_types][] = $group;
$caps['delete_private_'. $post_types][] = $group;
$caps['delete_published_'. $post_types][] = $group;
$caps['delete_others_'. $post_types][] = $group;
$caps['edit_private_'. $post_types][] = $group;
$caps['edit_published_'. $post_types][] = $group;
}
// end of add_group_to_caps()
private static function add_base_caps(&$caps, $group, $subgroup, $cap_type) {
$cap_types = $cap_type .'s';
$caps['edit_'. $cap_type] = array('custom', 'custom_post_types', $group, $subgroup, $cap_type);
$caps['read_'. $cap_type] = array('custom', 'custom_post_types', $group, $subgroup, $cap_type);
$caps['delete_'. $cap_type] = array('custom', $group, $subgroup, $cap_type);
$caps['edit_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['edit_others_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['publish_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['read_private_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['delete_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['delete_private_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['delete_published_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['delete_others_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['edit_private_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
$caps['edit_published_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
}
// end of add_base_caps()
/**
* Returns full list of WooCommerce plugin user capabilities
*/
public static function get_caps_groups() {
$caps = array(
'manage_woocommerce'=>array('custom', 'woocommerce', 'woocommerce_core'),
'view_woocommerce_reports'=>array('custom', 'woocommerce', 'woocommerce_core'),
'view_admin_dashboard'=>array('custom', 'woocommerce', 'woocommerce_core')
);
// code was built on the base of woocommerce/includes/class-wc-install.php method WC_Install::get_core_capabilities()
$group = 'woocommerce';
foreach (self::$capability_types as $cap_type) {
$subgroup = $group .'_'. $cap_type;
self::add_base_caps($caps, $group, $subgroup, $cap_type);
$caps['manage_'. $cap_type .'_terms'] = array('custom', $group, $subgroup, $cap_type);
$caps['edit_'. $cap_type .'_terms'] = array('custom', $group, $subgroup, $cap_type);
$caps['delete_'. $cap_type .'_terms'] = array('custom', $group, $subgroup, $cap_type);
$caps['assign_'. $cap_type .'_terms'] = array('custom', $group, $subgroup, $cap_type);
}
$pto1 = get_post_type_object('product_variation');
if (empty($pto1) || $pto1->capability_type === 'product') { // default, not redefined by some plugin
// add capabilities group for the product_variation custom post type
self::add_group_to_caps($caps, 'product', 'woocommerce_product_variation');
self::add_group_to_caps($caps, 'product', 'product_variation');
} else {
$cap_type = 'product_variation';
$subgroup = $group .'_'. $cap_type;
self::add_base_caps($caps, $group, $subgroup, $cap_type);
}
$pto2 = get_post_type_object('shop_order_refund');
if (empty($pto2) || $pto2->capability_type === 'shop_order') { // default, not redefined by some plugin
// add capabilities group for the shop_order_refund custom post type
self::add_group_to_caps($caps, 'shop_order', 'woocommerce_shop_order_refund');
self::add_group_to_caps($caps, 'shop_order', 'shop_order_refund');
} else {
$cap_type = 'shop_order_variant';
$subgroup = $group .'_'. $cap_type;
self::add_base_caps($caps, $group, $subgroup, $cap_type);
}
return $caps;
}
// end of get()
/**
* This custom post types use capabilities from the other custom post types
* So we should define capabilities set for them manually
* @return array()
*/
public static function get_post_types_without_caps() {
$pt_without_caps = array();
$pto1 = get_post_type_object('product_variation');
if (!empty($pto1) && $pto1->capability_type === 'product') {
$pt_without_caps[] = $pto1->name;
}
$pto2 = get_post_type_object('shop_order_refund');
if (!empty($pto2) && $pto2->capability_type === 'shop_order') {
$pt_without_caps[] = $pto2->name;
}
return $pt_without_caps;
}
// end of get_post_types_without_caps()
}
// end of URE_Woocommerce_Capabilities class