Userextra: userextra.php

File userextra.php, 28.8 KB (added by squish, 6 years ago)

Userextra 0.3

1<?php
2/*
3Plugin Name: Userextra
4Plugin URI: http://dev.wp-plugins.org/wiki/Userextra
5Description: Extends user profiles to include admin-defined attributes, and provides for category access controls with user-level granularity
6Author: James Ponder
7Version: 0.3
8Author URI: http://www.squish.net/
9*/
10
11/*
12
13=== Userextra ===
14Tags: profiles, users, acl, categories
15Requires: Usermeta
16
17== What does this plug-in do? ==
18
19This plug-in does two things:
201. It adds the ability to associate extra information to users
21    - can be a variety of types: Text, Text Box, Option List or Toggle
22    - optionally each field can be editable by your users
23    - can be displayed in your theme (see Usermeta plug-in for details)
242. Category access controls.  Firstly there's an option in Userextra to
25   define the categories which are restricted (both visibility and posting
26   rights).  Then, on a per-user level you can modify:
27    - categories_allow - allow a previously denied category, for this user
28    - categories_deny  - deny a normally allowed category, for this user
29
30It provides three screens:
31
32Options -> Userextra (main options window)
33Users -> Your Extended Profile (does not appear until some attributes exist)
34Manage -> Extended User Profiles
35
36== Installation ==
37
381. Install "Usermeta" plug-in which this plug-in depends on.
39   Remember to click on "Create/Update usermeta tables" when you do
40   this if you're using WP 1.5 (see its install instructions).
412. Upload to your plugins folder, usually wp-content/plugins/
423. Activate the plugin on the plugin screen
43
44If you're installing this plug-in for category access control, then:
45
464a. Define the list of restricted categories in the options screen
474b. Go to Manage -> Extra User Data and for each user who should have access
48    add the category(s), comma separated, in the "Allow these locked
49    categories" field.
50
51If you're installing this plug-in to have extra user attributes/fields, then:
52
534a. Choose a name for your field and a description and enter it in the
54    options window.
554b. Choose a type and select it, and fill in "Options" as specified:
56      - Text is a normal text field.  The Options specifies the width.
57      - Text Box is a textarea field.  The Options indicates width, height.
58      - Toggle is a checkbox.  The options indicate state: e.g. No, Yes.
59      - Option List is a drop-down.  Place the options in a list, e.g. a,b,c.
604c. Optionally specify a default, which is used to automatically populate the
61    user's extra profile.
624d. Edit each user in Manage -> Extra User Data, and/or
634e. Log-in as a user and go to Users -> Extended User Profiles
64
65== Category access control ==
66
67- Works by filtering posts
68- User level 10 is special and is never restricted
69- Extended User Profile window won't appear for users unless attributes defined
70
71== License ==
72
73Copyright (c) 2005, 2006 James Ponder <james@squish.net>
74
75Permission to use, copy, modify, and distribute this software for any
76purpose with or without fee is hereby granted, provided that the above
77copyright notice and this permission notice appear in all copies.
78
79THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
80WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
81MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
82ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
83WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
84ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
85OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
86
87*/
88
/* get_userextra() - return the single shared Userextra object, building it
   the first time the function is called. */
function get_userextra() {
  static $userextra = null;
  if ($userextra === null) {
    $userextra = new Userextra;
  }
  return $userextra;
}
95
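/* Userextra - admin-defined user profile fields plus per-user category
   access control.  Per-user values are read and written through the
   object returned by the Usermeta plug-in (see action_init).

   Kept in the PHP 4 compatible style of the original file ("var"
   properties, no visibility keywords). */
class Userextra {

  /* comma separated list of the supported field types */
  var $types;
  /* Usermeta storage object; stays unset if that plug-in is not loaded */
  var $usermeta;
  /* columns the admin user list may be ordered by (used in an ORDER BY) */
  var $orders;
  /* accepted values of the adjudication option */
  var $adjudications;

  /* Userextra - class initialiser */

  function __construct() {
    $this->types = "Text, Text Box, Toggle, Option List";
    $this->orders = 'ID, user_login';
    $this->adjudications = 'Unanimous Permit, Any Permit';
  }

  /* PHP 4 style constructor.  Newer PHP versions no longer treat a method
     named after the class as the constructor, so the real work lives in
     __construct() and this only forwards to it. */
  function Userextra() {
    $this->__construct();
  }

  /* request_value($key) - the request parameter as a string, or '' when it
     is missing or not a scalar (e.g. sent as an array). */
  function request_value($key) {
    if (isset($_REQUEST[$key]) && is_scalar($_REQUEST[$key]))
      return (string) $_REQUEST[$key];
    return '';
  }

  /* nonce_enabled() - true when this WordPress provides the nonce API.
     Checked at call time because these functions are loaded after
     plug-ins are. */
  function nonce_enabled() {
    return function_exists('wp_create_nonce') &&
           function_exists('check_admin_referer');
  }

  /* nonce_field($action) - print the hidden nonce input for a form */
  function nonce_field($action) {
    if ($this->nonce_enabled())
      echo "<input type='hidden' name='_wpnonce' value='".
           $this->H(wp_create_nonce($action))."' />";
  }

  /* nonce_args($action, $args) - add the nonce to a list of query args */
  function nonce_args($action, $args) {
    if ($this->nonce_enabled())
      $args['_wpnonce'] = wp_create_nonce($action);
    return $args;
  }

  /* nonce_check($action) - stop the request unless it carries the nonce
     this plug-in put into its own forms and links.  Without this, any
     page the administrator visits could submit these forms for them. */
  function nonce_check($action) {
    if ($this->nonce_enabled())
      check_admin_referer($action);
  }

  /* is_builtin_field($name) - true for the two access control fields */
  function is_builtin_field($name) {
    return $name == "categories_allow" || $name == "categories_deny";
  }

  /* field_defaults($f) - field definition with every key present, so that
     older stored definitions (which lack e.g. useredit) read cleanly. */
  function field_defaults($f) {
    if (!is_array($f))
      $f = array();
    return array_merge(array('description' => '', 'type' => 'Text',
                             'options' => '', 'default' => '',
                             'useredit' => 'No'), $f);
  }

  /* get_fields() - all stored field definitions, always as an array */
  function get_fields() {
    $fields = get_settings('userextra_fields');
    return is_array($fields) ? $fields : array();
  }

  /* formitem_display(...) - return the HTML of one form control.
       type    => Text, Text Box, Toggle or Option List
       options => the field's option string (see options page help)
       name    => form field name
       current => value to show
       attrs   => array('disabled' => 1) renders the control disabled
     Returns '' for an unknown type. */

  function formitem_display($type, $options, $name, $current,
                            $attrs = array()) {
    $disabled = (isset($attrs['disabled']) && $attrs['disabled'] == 1)
                ? 'disabled="true"' : '';
    $h_name = $this->H($name);
    $h_current = $this->H($current);
    $o = $this->options_split($options);
    /* options are free text typed into the options page: escape them
       before they are placed in an attribute, like every other value */
    $h_o0 = isset($o[0]) ? $this->H($o[0]) : '';
    $h_o1 = isset($o[1]) ? $this->H($o[1]) : '';
    switch ($type) {
      case 'Text':
        return "<input type='text' name='$h_name' value='$h_current' ".
               "size='$h_o0' $disabled />";
      case 'Text Box':
        return "<textarea name='$h_name' cols='$h_o0' rows='$h_o1' $disabled>".
          "$h_current</textarea>";
      case 'Toggle':
        $on = isset($o[1]) && (string) $current === (string) $o[1];
        return "<input type='checkbox' name='$h_name' value='1' ".
               ($on ? "checked='true'" : '')." $disabled />";
      case 'Option List':
        $txt = "<select name='$h_name' $disabled>";
        foreach ($o as $item) {
          $h_item = $this->H($item);
          $selected = ((string) $item === (string) $current)
                      ? " selected='true'" : '';
          $txt.= "<option value='$h_item'$selected>$h_item</option>";
        }
        $txt.= "</select>";
        return $txt;
    }
    return '';
  }

  /* formitem_usertovalue(...) - turn a submitted form value into the value
     to store for a field of the given type.  Option List values that are
     not one of the options fall back to the first option.  Returns NULL
     for an unknown type. */

  function formitem_usertovalue($type, $options, $value) {
    if (!is_scalar($value))
      $value = ''; /* missing, or sent as an array */
    $o = $this->options_split($options);
    switch ($type) {
      case 'Text':
        return (string) $value;
      case 'Text Box':
        /* clean of CRs; the replacement must be double quoted, '\n' in
           single quotes is a backslash followed by an n */
        return preg_replace('/\r\n?/', "\n", (string) $value);
      case 'Toggle':
        if ($value == 1)
          return isset($o[1]) ? $o[1] : '';
        return isset($o[0]) ? $o[0] : '';
      case 'Option List':
        if (in_array((string) $value, $o, true))
          return (string) $value;
        return count($o) > 0 ? $o[0] : ''; /* not configured? you get empty */
    }
    return NULL;
  }

  /* get_fieldinfo($field_name) - return information on the field named.
     Returns an array with the keys:
       description => a description of the field
       type => the type of the field: Text, Text Box, Toggle, Option List
       options => the options
       default => the default for this field
       useredit => No or Yes
     Note that this only returns information for a field which has been
     defined by the user in the main Userextra options page.
     Returns NULL when no such field is defined.
  */

  function get_fieldinfo($field_name) {
    $fields = get_settings('userextra_fields');
    if (isset($fields[$field_name]))
      return $fields[$field_name];
    return NULL;
  }

  /* display_updated($text) - print a translated admin notice */
  function display_updated($text) {
    echo '<div class="updated"><p>';
    echo $this->T($text);
    echo '</p></div>';
  }

  /* T($text) - translate in the plug-in's text domain */
  function T($text) {
    return __($text, 'userextra');
  }

  /* H($text) - escape for HTML text and quoted attribute values */
  function H($text) {
    return htmlspecialchars((string) $text, ENT_QUOTES);
  }

  /* HT($text) - translate, then escape for HTML */
  function HT($text) {
    return htmlspecialchars($this->T($text), ENT_QUOTES);
  }

  /* EHT($text) - translate, escape and print */
  function EHT($text) {
    echo $this->HT($text);
  }

  /* JS($text) - escape for a single quoted JavaScript string that sits
     inside an HTML attribute.  HTML escaping alone is not enough there:
     the browser decodes the attribute before the script is parsed, so a
     quote in the text would end the string. */
  function JS($text) {
    $js = addslashes((string) $text);
    $js = str_replace(array("\r", "\n"), array('\r', '\n'), $js);
    return $this->H($js);
  }

  /* options_split($text) - split a comma separated list into its items.
     The text is trimmed first, otherwise the first and last item keep
     their surrounding blanks and never match a category name. */
  function options_split($text) {
    return preg_split('/\s*,+\s*/', trim((string) $text), -1,
                      PREG_SPLIT_NO_EMPTY);
  }


  /* options_userextra() - Options -> Userextra page: apply the submitted
     action, if any, then show the page. */
  function options_userextra() {
    $this->options_userextra_checkaction();
    $this->options_userextra_display();
  }

  /* options_userextra_checkaction() - handle the actions of the options
     page: update_options, add, update and delete. */
  function options_userextra_checkaction() {
    $action = $this->request_value('action');
    $known = array('update_options', 'add', 'update', 'delete');
    if (!in_array($action, $known, true))
      return;
    /* every action below changes stored settings */
    $this->nonce_check('userextra-options');
    switch ($action) {
      case 'update_options':
        /* update options */
        $level = $this->request_value('adminlevel');
        if (preg_match('/^[0-9]+$/', $level))
          update_option('userextra_adminlevel', $level);
        else
          $this->display_updated('Administration level must be a whole '.
                                 'number; keeping the previous value.');
        update_option('userextra_lockedcategories_view',
                      $this->request_value('lockedcategories_view'));
        update_option('userextra_lockedcategories_post',
                      $this->request_value('lockedcategories_post'));
        /* this value ends up in an ORDER BY clause, so only the listed
           column names are ever stored */
        update_option('userextra_orderuserlist',
                      $this->formitem_usertovalue('Option List',
                        $this->orders,
                        $this->request_value('orderuserlist')));
        update_option('userextra_adjudication',
                      $this->formitem_usertovalue('Option List',
                        $this->adjudications,
                        $this->request_value('adjudication')));
        $this->display_updated('Options updated.');
        break;
      case 'add':
      case 'update':
        /* add or update meta field */
        $name = $this->request_value('name');
        $fields = $this->get_fields();
        $newinfo = array(
          'description' =>
            $this->formitem_usertovalue('Text', 'n/a',
                                        $this->request_value('description')),
          'type' =>
            $this->formitem_usertovalue('Option List', $this->types,
                                        $this->request_value('type')),
          'default' =>
            $this->formitem_usertovalue('Text', 'n/a',
                                        $this->request_value('default')),
          'options' =>
            $this->formitem_usertovalue('Text', 'n/a',
                                        $this->request_value('options')),
          'useredit' =>
            $this->formitem_usertovalue('Toggle', 'No, Yes',
                                        $this->request_value('useredit')),
        );
        if ($this->is_builtin_field($name)) {
          /* The page shows the type of these two fields as disabled;
             enforce that here too.  They also must not become user
             editable: options_myuserdata lets a user write every
             useredit field, which would let users lift their own
             category restrictions. */
          if (isset($fields[$name]['type']))
            $newinfo['type'] = $fields[$name]['type'];
          $newinfo['useredit'] = 'No';
        }
        if ($name === '' ||
            !in_array($newinfo['type'], $this->options_split($this->types),
                      true) || strlen($newinfo['description']) < 1) {
          $this->display_updated('Incomplete attribute definition.');
          break;
        }
        if ($newinfo['type'] == 'Option List') {
          $o = $this->options_split($newinfo['options']);
          if (count($o) < 1) {
            $this->display_updated('Option Lists must have at least '.
                                   'one option.');
            break;
          }
          if (!in_array($newinfo['default'], $o, true)) {
            $this->display_updated('Option Lists must have a default, '.
                                   'using first option.');
            $newinfo['default'] = $o[0];
          }
        }
        if ($newinfo['type'] == 'Toggle') {
          $o = $this->options_split($newinfo['options']);
          if (count($o) != 2) {
            $this->display_updated('Toggles must have two options, '.
                                   'defaulting to "No, Yes".');
            $newinfo['options'] = 'No, Yes';
            $o = $this->options_split($newinfo['options']);
          }
          if (!in_array($newinfo['default'], $o, true)) {
            $this->display_updated('Toggles must have a default, '.
                                   'using first option.');
            $newinfo['default'] = $o[0];
          }
        }
        $fields[$name] = $newinfo;
        update_option('userextra_fields', $fields);
        if ($action == 'add')
          $this->display_updated('Added new field.');
        else
          $this->display_updated('Updated field.');
        break;
      case 'delete':
        /* delete a meta field */
        $name = $this->request_value('name');
        if ($this->is_builtin_field($name)) {
          /* the page offers no delete link for these; refuse a hand made
             request as well */
          $this->display_updated('This field cannot be deleted.');
          break;
        }
        $fields = $this->get_fields();
        unset($fields[$name]);
        update_option('userextra_fields', $fields);
        $this->display_updated('Deleted field.');
        break;
    }
  }

  /* options_userextra_display() - print the Options -> Userextra page:
     one form per defined field, an "add" form and the main options. */
  function options_userextra_display() {
    /* Display options page */
    $adminlevel = get_settings('userextra_adminlevel');
    $lockedcategories_view = get_settings('userextra_lockedcategories_view');
    $lockedcategories_post = get_settings('userextra_lockedcategories_post');
    $orderuserlist = get_settings('userextra_orderuserlist');
    $fields = $this->get_fields();
    $adjudication = get_settings('userextra_adjudication');
    ?>
    <div class="wrap">
      <h2><?php $this->EHT('Userextra Fields') ?></h2>
      <table class="editform">
        <tr>
          <th><?php $this->EHT('Name') ?></th>
          <th><?php $this->EHT('Description') ?></th>
          <th><?php $this->EHT('Type') ?></th>
          <th><?php $this->EHT('Options') ?></th>
          <th><?php $this->EHT('Default') ?></th>
          <th><?php $this->EHT('User editable?') ?></th>
        </tr>
        <?php
        $alternate = '';
        foreach ($fields as $name => $f) {
          $f = $this->field_defaults($f);
          $disabled = array();
          if ($this->is_builtin_field($name))
            $disabled['disabled'] = 1;
          ?><form method="post">
            <?php $this->nonce_field('userextra-options') ?>
            <input type="hidden" name="action" value="update" />
            <input type="hidden" name="name" value="<?php
              echo $this->H($name) ?>" />
            <tr<?php echo $alternate ?>>
              <td><?php echo $this->H($name) ?></td>
              <td><?php echo $this->formitem_display('Text', '32',
                             'description', $f['description']) ?></td>
              <td><?php echo $this->formitem_display('Option List',
                             $this->types, 'type', $f['type'],
                             $disabled) ?></td>
              <td><?php echo $this->formitem_display('Text', '12',
                             'options', $f['options']) ?></td>
              <td><?php echo $this->formitem_display('Text', '12',
                             'default', $f['default']) ?></td>
              <td><?php echo $this->formitem_display('Toggle', 'No, Yes',
                             'useredit', $f['useredit'],
                             $disabled) ?></td>
              <td><?php
                if (empty($disabled['disabled'])) {
                  $confirm = $this->T('Are you sure '.
                    'you want to delete this entry?')." ($name) ".
                    $this->T('Note: This will not delete the '.
                             'user data from the database - '.
                             'only this definition for display '.
                             'and input purposes.');
                  /* add_query_arg does not encode values itself */
                  ?><a href="<?php echo $this->H(add_query_arg(
                  $this->nonce_args('userextra-options',
                    array('action' => 'delete',
                          'name' => urlencode($name))),
                  $_SERVER['REQUEST_URI']))
                  ?>" onClick="return confirm('<?php
                    echo $this->JS($confirm)
                  ?>');"><?php $this->EHT('Delete') ?></a>
                  <?php
                } ?>
              </td>
              <td><input type="submit" value="<?php
                echo $this->H($this->T('Modify')).' &raquo;' ?>" /></td>
            </tr>
          </form>
          <?php
          $alternate = $alternate == '' ? ' class="alternate"' : '';
        } ?>
        <form method="post">
          <?php $this->nonce_field('userextra-options') ?>
          <input type="hidden" name="action" value="add" />
            <tr<?php echo $alternate ?>>
              <td><?php echo $this->formitem_display('Text', '20',
                             'name', '') ?></td>
              <td><?php echo $this->formitem_display('Text', '32',
                             'description', '') ?></td>
              <td><?php echo $this->formitem_display('Option List',
                             $this->types, 'type', '') ?></td>
              <td><?php echo $this->formitem_display('Text', '12',
                             'options', '') ?></td>
              <td><?php echo $this->formitem_display('Text', '12',
                             'default', '') ?></td>
              <td><?php echo $this->formitem_display('Toggle', 'No, Yes',
                             'useredit', '') ?></td>
            <td></td>
            <td><input type="submit" value="<?php
              echo $this->H($this->T('Add')).' &raquo;' ?>" /></td>
          </tr>
        </form>
      </table>
      <p>Options:<ul>
        <li>Text - Width (e.g. "24")</li>
        <li>Text Box - Width, Height (e.g. "30, 10")</li>
        <li>Toggle - Value when not selected, Value when selected
            (e.g. "No, Yes")</li>
        <li>Option List - Item 1[, Item 2]... (e.g. "Low, Medium, High")</li>
      </ul></p>
    </div>
    <div class="wrap">
      <h2><?php $this->EHT('Userextra Options') ?></h2>
      <form method="post">
        <?php $this->nonce_field('userextra-options') ?>
        <input type="hidden" name="action" value="update_options" />
        <fieldset class="options">
        <legend><?php $this->EHT('Main options') ?></legend>
        <table class="editform">
          <tr>
            <td><?php echo $this->HT("Administration level to edit extended ".
              "user profiles").": " ?></td>
            <td><input type="text" size="2" name="adminlevel" value="<?php
              echo $this->H($adminlevel) ?>"></td>
          </tr>
          <tr>
            <td><?php echo $this->HT("Order of user list in admin page").
                                     ": " ?></td>
            <td><?php echo $this->formitem_display('Option List',
                        $this->orders,
                        'orderuserlist', $orderuserlist) ?></td>
          </tr>
          <tr>
            <td><?php echo $this->HT("List of category names ".
              " not visable by default").": " ?></td>
            <td><?php echo $this->formitem_display('Text', '40',
              'lockedcategories_view', $lockedcategories_view) ?></td>
          </tr>
          <tr>
            <td><?php echo $this->HT("List of category names ".
              " users can't post to by default").": " ?></td>
            <td><?php echo $this->formitem_display('Text', '40',
              'lockedcategories_post', $lockedcategories_post) ?></td>
          </tr>
          <tr>
            <td><?php echo $this->HT("Adjudication style for posts in ").
                                     "both allow and deny categories ".
                                     "(decides visibility): " ?></td>
            <td><?php echo $this->formitem_display('Option List',
                        $this->adjudications, 'adjudication',
                        $adjudication) ?></td>
          </tr>
        </table>
        <div class="submit"><input type="submit" value="<?php
        echo $this->H($this->T('Update options')).' &raquo;' ?>" /></div>
        </fieldset>
      </form>
    </div>
    <?php
  }

  /* options_userdata() - Manage -> Extra User Data page.  Only users at or
     above the configured administration level get past the check. */
  function options_userdata() {
    global $user_level;
    $adminlevel = get_settings('userextra_adminlevel');
    get_currentuserinfo();
    /* a stored level that is not a number denies access instead of
       being compared as text or as zero */
    if (!is_numeric($adminlevel) || $user_level < $adminlevel) {
      die($this->T('You do not have permission to edit this user.'));
    }
    $id = (int) $this->request_value('id');
    $page = $this->options_userdata_checkaction($id);
    switch($page) {
      case 'list':
        $this->options_userdata_display_list();
        break;
      case 'edit':
        $this->options_userdata_display_user($id);
        break;
    }
  }

  /* options_myuserdata() - Users -> Your Extended Profile page.  Always
     works on the logged-in user and only on user editable fields; an id
     sent with the request is ignored. */
  function options_myuserdata() {
    global $user_ID;
    get_currentuserinfo();
    $this->options_userdata_checkaction($user_ID, true);
    $this->options_userdata_display_user($user_ID, true);
  }

  /* options_userdata_checkaction($id, $only_useredit) - store the submitted
     profile values of user $id when the action is "edit".  With
     $only_useredit set, fields not marked user editable are skipped.
     Returns the page to show next: "list" or "edit". */
  function options_userdata_checkaction($id, $only_useredit = false) {
    switch ($this->request_value('action')) {
      case 'edit':
        if (!$id)
          return 'list'; /* no user to store the values for */
        $this->nonce_check('userextra-userdata_'.(int) $id);
        if (!is_object($this->usermeta)) {
          $this->display_updated('Usermeta plug-in is not active.');
          return 'list';
        }
        foreach ($this->get_fields() as $name => $f) {
          $f = $this->field_defaults($f);
          if ($only_useredit == true && $f['useredit'] != 'Yes')
            continue;
          $value = $this->formitem_usertovalue($f['type'], $f['options'],
                                               $this->request_value($name));
          $this->usermeta->set($id, $name, $value);
        }
        $this->display_updated('User updated.');
        return "list";
      default:
        if ($id)
          return "edit";
        return 'list';
    }
  }

  /* options_userdata_display_list() - print the table of all users with a
     link to each user's extra data. */
  function options_userdata_display_list() {
    /* Display Extra User Data page */
    global $wpdb;
    $orderuserlist = get_settings('userextra_orderuserlist');
    /* the value is placed in the SQL text, so anything that is not one
       of the known column names is replaced */
    if (!in_array($orderuserlist, $this->options_split($this->orders), true))
      $orderuserlist = 'ID';
    $users = $wpdb->get_results(
      "SELECT ID FROM $wpdb->users ORDER BY $orderuserlist");
    if (!is_array($users))
      $users = array();
    $alternate = '';
    ?>
    <div class="wrap">
      <h2><?php $this->EHT('All Users') ?></h2>
      <p>Select the user below to edit category access control and additional
         fields you have added in <em>Userextra</em> options page.</p>
      <table class="editform" style='width: 100%'>
        <tr>
          <th style='text-align: left'><?php $this->EHT('ID') ?></th>
          <th style='text-align: center'><?php $this->EHT('Nickname') ?></th>
          <th style='text-align: center'><?php $this->EHT('Name') ?></th>
          <th style='text-align: center'><?php $this->EHT('E-mail') ?></th>
          <th style='text-align: center'><?php $this->EHT('Website') ?></th>
          <th></th>
        </tr>
        <?php
        foreach ($users as $user) {
          $alternate = $alternate == '' ? ' class="alternate"' : '';
          $user_data = get_userdata($user->ID);
          /* each value is looked up under two property names */
          if (($url = $user_data->url) == null)
            $url = $user_data->user_url;
          if (($nickname = $user_data->nickname) == null)
            $nickname = $user_data->user_nickname;
          if (($email = $user_data->email) == null)
            $email = $user_data->user_email;
          if (($firstname = $user_data->first_name) == null)
            $firstname = $user_data->user_firstname;
          if (($lastname = $user_data->last_name) == null)
            $lastname = $user_data->user_lastname;
          $short_url = str_replace('http://', '', (string) $url);
          $short_url = str_replace('www.', '', $short_url);
          if ('/' == substr($short_url, -1))
            $short_url = substr($short_url, 0, -1);
          if (strlen($short_url) > 35)
            $short_url = substr($short_url, 0, 32).'...';
          ?><form method="post">
            <tr<?php echo $alternate ?>>
              <td><?php echo $this->H($user_data->ID) ?></td>
              <td><strong><?php
                echo $this->H($nickname) ?></strong></td>
              <td><?php echo $this->H("$firstname $lastname") ?></td>
              <td><?php echo $this->H($email) ?></td>
              <td><?php echo $this->H($short_url) ?></td>
              <td><a href="<?php echo $this->H(add_query_arg(
              array('id' => $user_data->ID),
              $_SERVER['REQUEST_URI'])) ?>" class="edit"><?php
              $this->EHT('Edit') ?></a></td>
            </tr>
          </form>
          <?php
        } ?>
      </table>
    </div>
    <?php
  }

  /* options_userdata_display_user($id, $only_useredit) - print the edit
     form with the extra fields of user $id.  With $only_useredit set,
     only the user editable fields are shown. */
  function options_userdata_display_user($id, $only_useredit = false) {
    /* Display Your Extended Profile page */
    $id = (int) $id;
    $edituser = get_userdata($id);
    $login = is_object($edituser) ? $edituser->user_login : '';
    $anyeditables = 0;
    ?>
    <div class="wrap">
      <h2><?php $this->EHT('User details') ?></h2>
      <form method="post">
        <?php $this->nonce_field('userextra-userdata_'.$id) ?>
        <input type="hidden" name="id" value="<?php echo $id ?>" />
        <input type="hidden" name="action" value="edit" />
        <table class="editform" style='width: 100%'>
          <tr style='padding-bottom: 0.5em'>
            <th style='width: 33%' scope="row"><?php $this->EHT('Username:')
              ?></th>
            <td style='width: 67%'><?php
              echo $this->H($login) ?></td>
          </tr>
          <?php
          $alternate = '';
          foreach ($this->get_fields() as $name => $f) {
            $f = $this->field_defaults($f);
            if ($only_useredit == true && $f['useredit'] != 'Yes')
              continue;
            $alternate = $alternate == '' ? ' class="alternate"' : '';
            $star = $only_useredit == false && $f['useredit'] == 'Yes' ? 1 : 0;
            if ($star)
              $anyeditables = 1;
            $value = NULL;
            if (is_object($this->usermeta))
              $value = $this->usermeta->get($id, $name, true);
            if (is_null($value))
              $value = $f['default'];
            ?>
            <tr<?php echo $alternate ?>>
              <th style='width: 33%; vertical-align: top; padding-top: 0.4em'
                  scope="row"><?php
                echo $this->H($f['description']. /* " ($name)". */ ": ").
                ($star ? '*' : '') ?></th>
              <td style='width: 67%'><?php
                echo $this->formitem_display($f['type'], $f['options'], $name,
                                        $value) ?></td>
            </tr>
          <?php
          } ?>
        </table>
        <div class="submit"><input type="submit" value="<?php
          echo $this->H($this->T('Update user')).' &raquo;' ?>" /></div>
        <?php if ($anyeditables) {
          echo '<p>* This item is editable by the user.</p>';
        } ?>
      </form>
    </div>
    <?php
  }

  /* action_init() - pick up the Usermeta object if that plug-in is loaded */
  function action_init() {
    if (function_exists('get_usermeta_object'))
      $this->usermeta = get_usermeta_object();
  }

  /* action_admin_menu() - register the admin pages.  The profile page is
     only added when at least one field is user editable. */
  function action_admin_menu() {
    add_options_page($this->T('User attributes'),
                     $this->T('Userextra'),
                     8, basename(__FILE__), array(&$this, 'options_userextra'));
    add_submenu_page("edit.php", $this->T('Extra User Data'),
                     $this->T('Extra User Data'),
                     8, basename(__FILE__), array(&$this, 'options_userdata'));

    foreach ($this->get_fields() as $name => $f) {
      $f = $this->field_defaults($f);
      if ($f['useredit'] == 'Yes') {
        add_submenu_page("profile.php", $this->T('Profile (extended)'),
                         $this->T('Your Extended Profile'),
                         0, basename(__FILE__), array(&$this,
                         'options_myuserdata'));
        break;
      }
    }
  }

  /* category_lists($locked_option) - the three name lists an access
     decision needs, as array(locked, allow, deny).  locked comes from the
     named option, allow and deny from the current user's meta data.
     Without the Usermeta object the per-user lists are empty, so locked
     categories simply stay locked. */
  function category_lists($locked_option) {
    global $user_ID;
    $allow = '';
    $deny = '';
    if (is_object($this->usermeta)) {
      $allow = $this->usermeta->get($user_ID, "categories_allow", true);
      $deny = $this->usermeta->get($user_ID, "categories_deny", true);
    }
    return array($this->options_split(get_settings($locked_option)),
                 $this->options_split($allow),
                 $this->options_split($deny));
  }

  /* is_category_blocked($name, $lists) - true when the category name is
     locked or denied and not explicitly allowed.  $lists is the array
     returned by category_lists(). */
  function is_category_blocked($name, $lists) {
    list($locked_a, $allow_a, $deny_a) = $lists;
    if (in_array($name, $allow_a, true))
      return false;
    return in_array($name, $locked_a, true) ||
           in_array($name, $deny_a, true);
  }

  /* is_current_user_allowed($post) - may the current user see this post?
     A post in both permitted and blocked categories is decided by the
     adjudication option; a post without categories is allowed. */
  function is_current_user_allowed($post) {
    $lists = $this->category_lists('userextra_lockedcategories_view');
    $post_cats = wp_get_post_cats(1, $post->ID);
    $seen_allow = false;
    $seen_deny = false;
    foreach ((array) $post_cats as $post_cat) {
      if ($this->is_category_blocked(get_cat_name($post_cat), $lists))
        $seen_deny = true;
      else
        $seen_allow = true;
    }
    if (!$seen_deny)
      return true;
    if (!$seen_allow)
      return false;
    /* anything but "Any Permit" means not unanimous, so hide */
    return get_settings('userextra_adjudication') == 'Any Permit';
  }

  function filter_error() {
    die("Userextra: Permission Denied.\n");
  }

  function filter_hide() {
    return "filter_hide";
  }

  /* filter_posts($posts) - the_posts filter: drop the posts the current
     user may not see.  User level 10 is never restricted.
     NOTE(review): this only covers post lists that pass through the
     the_posts filter - confirm that no other view exposes the posts. */
  function filter_posts($posts) {
    global $user_level;
    if ($user_level == 10 || !is_array($posts))
      return $posts;
    $ok = array();
    foreach ($posts as $post) {
      if ($this->is_current_user_allowed($post))
        $ok[] = $post;
    }
    return $ok;
  }

  /* filter_content_save_pre($in) - stop the save when the submitted
     categories include one the current user may not post to; the content
     itself is returned unchanged.
     NOTE(review): unlike filter_posts this makes no exception for user
     level 10, and it only looks at the post_category request parameter -
     confirm both are intended. */
  function filter_content_save_pre($in) {
    /* for some reason, WP doesn't call category_save_pre on edits */
    if (empty($_REQUEST['post_category']))
      return $in;
    $lists = $this->category_lists('userextra_lockedcategories_post');
    foreach ((array) $_REQUEST['post_category'] as $catid) {
      if ($this->is_category_blocked(get_catname($catid), $lists)) {
        die($this->T('You cannot post to that category as this user.'));
      }
    }
    return $in;
  }

  /* action_admin_head($in) - on the post editing page, buffer the output
     for users below level 10 so postpage_output can remove the category
     checkboxes they may not use. */
  function action_admin_head($in) {
    global $user_level;
    get_currentuserinfo();
    if ($user_level < 10) {
      if (preg_match('#/wp-admin/post\.php#', $_SERVER['REQUEST_URI'])) {
        ob_start(array($this, 'postpage_output'));
      }
    }
    return $in;
  }

  /* postpage_output($page) - output buffer callback: pass every category
     checkbox found in the page through modify_field. */
  function postpage_output($page) {
    return preg_replace_callback(
      '#<label for="category-(.*?)</label>.*?<span .*?</span>#sim',
      array($this, 'modify_field'), $page);
  }

  /* modify_field($matches) - return the matched checkbox markup, or ""
     when its category is blocked for the current user or no category id
     can be found in it.  This only hides the checkbox; the save itself
     is checked in filter_content_save_pre. */
  function modify_field($matches) {
    if (preg_match('#<input value="(\d+)" #i', $matches[0], $r) > 0) {
      $lists = $this->category_lists('userextra_lockedcategories_post');
      if ($this->is_category_blocked(get_catname($r[1]), $lists))
        return "";
      return $matches[0];
    }
    return "";
  }

}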
730
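/* Plug-in set-up: runs once when WordPress loads this file. */

global $user_level;

load_plugin_textdomain('userextra');
$userextra = get_userextra();

/* Default options.  add_option() is used for these, so values that are
   already stored are not replaced by the defaults below. */

add_option('userextra_adminlevel', '8',
           $userextra->T('Administration level to edit extended user '.
                         'profiles'));
add_option('userextra_lockedcategories_view', '',
           $userextra->T('List of category names not visable by default'));
add_option('userextra_lockedcategories_post', '',
           $userextra->T("List of category names users can't post to by ".
                         "default"));
add_option('userextra_orderuserlist', 'ID',
           $userextra->T('Ordering of user list'));
add_option('userextra_adjudication', 'Unanimous Permit',
           $userextra->T('Adjudication style for posts in '.
                         'multiple categories'));

/* The two access control fields.  useredit is stated explicitly: the
   class reads $f['useredit'] for every field, and these two lists decide
   what a user may see and post to, so they are not user editable. */

add_option('userextra_fields', array(
             'categories_allow' => array(
                   'description' => 'Allow these locked categories',
                   'type' => 'Text',
                   'options' => '32',
                   'default' => '',
                   'useredit' => 'No'),
             'categories_deny' => array(
                   'description' => 'Deny these categories',
                   'type' => 'Text',
                   'options' => '32',
                   'default' => '',
                   'useredit' => 'No'),
             ));

/* Admin pages, and the Usermeta object once all plug-ins are loaded. */

add_action('admin_menu', array(&$userextra, 'action_admin_menu'));
add_action('init', array(&$userextra, 'action_init'));

/* Category access control: hide posts, check categories on save, and
   hide blocked category checkboxes on the post editing page. */

add_filter('the_posts', array(&$userextra, 'filter_posts'));
add_filter('content_save_pre', array(&$userextra,
           'filter_content_save_pre'));
add_action('admin_head', array(&$userextra, 'action_admin_head'));

?>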