PageRenderTime 42ms CodeModel.GetById 2ms app.highlight 31ms RepoModel.GetById 1ms app.codeStats 0ms

/wp-content/plugins/role-scoper/role-scoper_init.php

https://bitbucket.org/broderboy/nycendurance-wordpress
PHP | 1043 lines | 700 code | 258 blank | 85 comment | 214 complexity | 9a1a0239769042d448eda7390037d362 MD5 | raw file
   1<?php
   2if( basename(__FILE__) == basename($_SERVER['SCRIPT_FILENAME']) )
   3	die();
   4
   5require_once( dirname(__FILE__).'/hardway/cache-persistent.php');
   6
   7//if ( ! awp_ver( '3.0' ) )
   8//	require_once( dirname(__FILE__).'/wp-legacy_rs.php' );
   9
  10// As of WP 3.0, this is not set until admin_header is loaded, and remains unset for non-admin urls.  To simplify subsequent checks, set it early and universally.
  11$GLOBALS['plugin_page_cr'] = ( is_admin() && isset( $_GET['page'] ) ) ? $_GET['page'] : '';
  12
  13if ( is_admin() )
  14	require_once( dirname(__FILE__).'/admin/admin-init_rs.php' );
  15	
  16if ( IS_MU_RS )
  17	require_once( dirname(__FILE__).'/mu-init_rs.php' );
  18
  19if ( IS_MU_RS || defined('SCOPER_FORCE_FILE_INCLUSIONS') ) {
  20	// workaround to avoid file error on get_home_path() call
  21	if ( file_exists( ABSPATH . '/wp-admin/includes/file.php' ) )
  22		include_once( ABSPATH . '/wp-admin/includes/file.php' );	
  23}
  24
  25// If an htaccess regeneration is triggered by somebody else, insert our rules (normal non-MU installations).
  26if ( ! defined( 'SCOPER_NO_HTACCESS' ) )
  27	add_filter( 'mod_rewrite_rules', 'scoper_mod_rewrite_rules' );
  28
  29add_action( 'delete_option', 'scoper_maybe_rewrite_inclusions' );
  30add_action( 'delete_transient_rewrite_rules', 'scoper_rewrite_inclusions' );
  31
  32// some options can be overridden by constant definition
  33add_filter( 'site_options_rs', 'scoper_apply_constants', 99 );
  34add_filter( 'options_rs', 'scoper_apply_constants', 99 );
  35
  36function scoper_log_init_action() {
  37	define ( 'INIT_ACTION_DONE_RS', true );
  38
  39	require_once( dirname(__FILE__).'/db-config_rs.php');
  40	
  41	$func = "require('" . dirname(__FILE__) . "/db-config_rs.php');";
  42	add_action( 'switch_blog', create_function( '', $func ) );
  43	
  44	if ( is_admin() )
  45		scoper_load_textdomain();
  46
  47	elseif ( defined('XMLRPC_REQUEST') )
  48		require_once( dirname(__FILE__).'/xmlrpc_rs.php');
  49}
  50
  51function scoper_act_set_current_user() {
  52	$id = ( ! empty($GLOBALS['current_user']) ) ? $GLOBALS['current_user']->ID : 0;
  53
  54	if ( $id ) {
  55		require_once( dirname(__FILE__).'/scoped-user.php');
  56		$GLOBALS['current_rs_user'] = new WP_Scoped_User($id);
  57		
  58		// other properties (blog_roles, assigned_term_roles, term_roles) will be set as populated
  59		foreach( array( 'groups', 'assigned_blog_roles' ) as $var ) {
  60			$GLOBALS['current_user']->$var = $GLOBALS['current_rs_user']->$var;
  61		}
  62	} else {
  63		require_once( dirname(__FILE__).'/scoped-user_anon.php');
  64		$GLOBALS['current_rs_user'] = new WP_Scoped_User_Anon();
  65	}
  66
  67	// since sequence of set_current_user and init actions seems unreliable, make sure our current_user is loaded first
  68	if ( ! empty( $GLOBALS['scoper'] ) )
  69		return;
  70	elseif ( defined('INIT_ACTION_DONE_RS') )
  71		scoper_init();
  72	else {
  73		static $done = false;
  74		if ( $done ) { return; } else { $done = true; }
  75		$priority = ( defined( 'SCOPER_EARLY_INIT' ) ) ? 3 : 50;
  76		add_action('init', 'scoper_init', $priority);
  77	}
  78}
  79
  80function scoper_init() {
  81	global $scoper;
  82
  83	// Work around bug in More Taxonomies (and possibly other plugins) where category taxonomy is overriden without setting it public
  84	foreach( array( 'category', 'post_tag' ) as $taxonomy ) {
  85		if ( isset( $GLOBALS['wp_taxonomies'][$taxonomy] ) )
  86			$GLOBALS['wp_taxonomies'][$taxonomy]->public = true;
  87	}
  88	
  89	if ( IS_MU_RS ) {
  90		global $scoper_sitewide_options;
  91		$scoper_sitewide_options = apply_filters( 'sitewide_options_rs' , $scoper_sitewide_options );	
  92	}
  93
  94	require_once( dirname(__FILE__).'/wp-cap-helper_cr.php' );
  95	WP_Cap_Helper_CR::establish_status_caps();
  96	WP_Cap_Helper_CR::force_distinct_post_caps();
  97	WP_Cap_Helper_CR::force_distinct_taxonomy_caps();
  98	
  99	if ( is_admin() ) {
 100		require_once( dirname(__FILE__).'/admin/admin-init_rs.php' );	// TODO: why is the require statement up top not sufficient for NGG 1.7.2 uploader?
 101		scoper_admin_init();	
 102	}
 103		
 104	//log_mem_usage_rs( 'scoper_admin_init done' );
 105		
 106	require_once( dirname(__FILE__).'/scoped-user.php');
 107	require_once( dirname(__FILE__).'/role-scoper_main.php');
 108	
 109	//log_mem_usage_rs( 'require role-scoper_main' );
 110	
 111	if ( empty($scoper) ) {		// set_current_user may have already triggered scoper creation and role_cap load
 112		$scoper = new Scoper();
 113
 114		//log_mem_usage_rs( 'new Scoper done' );
 115		$scoper->init();
 116	}
 117
 118	// ensure that content administrators (as defined by SCOPER_CONTENT_ADMIN_CAP) have all caps for custom types by default
 119	if ( is_content_administrator_rs() ) {
 120		global $current_rs_user;
 121
 122		if ( ! empty($current_rs_user) ) { // user object not set when scoper_init() is manually invoked to support htaccess rule generation on plugin activation
 123			foreach ( get_post_types( array('public' => true, '_builtin' => false) ) as $name )
 124				$current_rs_user->assigned_blog_roles[ANY_CONTENT_DATE_RS]["rs_{$name}_editor"] = true;
 125			
 126			$taxonomies = get_taxonomies( array('public' => true, '_builtin' => false) );
 127			$taxonomies []= 'nav_menu';
 128			foreach ( $taxonomies as $name )
 129				$current_rs_user->assigned_blog_roles[ANY_CONTENT_DATE_RS]["rs_{$name}_manager"] = true;
 130			
 131			$current_rs_user->merge_scoped_blogcaps();
 132			$GLOBALS['current_user']->allcaps = $current_rs_user->allcaps;
 133			$GLOBALS['current_user']->assigned_blog_roles = $current_rs_user->assigned_blog_roles;
 134		}
 135	}
 136	
 137	if ( ! empty($_GET['action']) && ( 'expire_file_rules' == $_GET['action'] ) ) {
 138		require_once( dirname(__FILE__).'/attachment-helper_rs.php' );
 139		scoper_requested_file_rule_expire();
 140	}
 141
 142	//log_mem_usage_rs( 'scoper->init() done' );
 143}
 144
 145function rs_get_user( $user_id, $name = '', $args = array() ) {
 146	if ( ! class_exists( 'WP_Scoped_User' ) )
 147		require_once( dirname(__FILE__).'/scoped-user.php');
 148	
 149	return new WP_Scoped_User( $user_id, $name, $args );
 150}
 151
 152function scoper_load_textdomain() {
 153	if ( defined( 'SCOPER_TEXTDOMAIN_LOADED' ) )
 154		return;
 155
 156	load_plugin_textdomain( 'scoper', false, SCOPER_FOLDER . '/languages' );
 157
 158	define('SCOPER_TEXTDOMAIN_LOADED', true);
 159}
 160
 161function scoper_get_init_options() {
 162	define ( 'SCOPER_CUSTOM_USER_BLOGCAPS', scoper_get_option('custom_user_blogcaps') );		// TODO: eliminate this?
 163	
 164	$define_groups = scoper_get_option('define_usergroups');
 165	define ( 'DEFINE_GROUPS_RS', $define_groups );
 166	define ( 'GROUP_ROLES_RS', $define_groups && scoper_get_option('enable_group_roles') );
 167	
 168	define ( 'USER_ROLES_RS', scoper_get_option('enable_user_roles') );
 169	
 170	if ( ! defined('DISABLE_PERSISTENT_CACHE') && ! scoper_get_option('persistent_cache') )
 171		define ( 'DISABLE_PERSISTENT_CACHE', true );
 172
 173	wpp_cache_init( IS_MU_RS && scoper_establish_group_scope() );
 174}
 175
 176function scoper_refresh_options() {
 177	if ( IS_MU_RS ) {
 178		scoper_retrieve_options(true);
 179		scoper_refresh_options_sitewide();
 180	}
 181		
 182	scoper_retrieve_options(false);
 183	
 184	scoper_refresh_default_options();
 185}
 186
 187function scoper_set_conditional_defaults() {
 188	// if the WP installation has 100 or more users at initial Role Scoper installation, default to CSV input of username for role assignment	
 189	global $wpdb;
 190	$num_users = $wpdb->get_var( "SELECT COUNT(ID) FROM $wpdb->users" );
 191	if ( $num_users > 99 )
 192		update_option( 'scoper_user_role_assignment_csv', 1 );
 193}
 194
 195function scoper_refresh_default_options() {
 196	global $scoper_default_options;
 197
 198	require_once( dirname(__FILE__).'/defaults_rs.php');
 199	$scoper_default_options = apply_filters( 'default_options_rs', scoper_default_options() );
 200	
 201	if ( IS_MU_RS )
 202		scoper_apply_custom_default_options( 'scoper_default_options' );
 203}
 204
 205function scoper_refresh_default_otype_options() {
 206	global $scoper_default_otype_options;
 207	
 208	require_once( dirname(__FILE__).'/defaults_rs.php');
 209	$scoper_default_otype_options = apply_filters( 'default_otype_options_rs', scoper_default_otype_options() );
 210	
 211	// compat workaround for old versions of Role Scoping for NGG which use old otype option key structure
 212	if ( isset( $scoper_default_otype_options['use_term_roles']['ngg_gallery:ngg_gallery'] ) && ( ! is_array($scoper_default_otype_options['use_term_roles']['ngg_gallery:ngg_gallery']) ) )
 213		$scoper_default_otype_options['use_term_roles']['ngg_gallery:ngg_gallery'] = array( 'ngg_album' => 1 );
 214		
 215	if ( IS_MU_RS )
 216		scoper_apply_custom_default_options( 'scoper_default_otype_options' );
 217}
 218
 219function scoper_get_default_otype_options() {
 220	if ( did_action( 'scoper_init') ) {
 221		global $scoper_default_otype_options;
 222		
 223		if ( ! isset( $scoper_default_otype_options ) )
 224			scoper_refresh_default_otype_options();
 225			
 226		return $scoper_default_otype_options;
 227	} else
 228		return scoper_default_otype_options();	
 229}
 230
 231function scoper_delete_option( $option_basename, $sitewide = -1 ) {
 232	// allow explicit selection of sitewide / non-sitewide scope for better performance and update security
 233	if ( -1 === $sitewide ) {
 234		global $scoper_options_sitewide;
 235		$sitewide = isset( $scoper_options_sitewide ) && ! empty( $scoper_options_sitewide[$option_basename] );
 236	}
 237
 238	if ( $sitewide ) {
 239		global $wpdb;
 240		scoper_query( "DELETE FROM {$wpdb->sitemeta} WHERE site_id = '$wpdb->siteid' AND meta_key = 'scoper_$option_basename'" );
 241	} else 
 242		delete_option( "scoper_$option_basename" );
 243}
 244
 245function scoper_update_option( $option_basename, $option_val, $sitewide = -1 ) {
 246	// allow explicit selection of sitewide / non-sitewide scope for better performance and update security
 247	if ( -1 === $sitewide ) {
 248		global $scoper_options_sitewide;
 249		$sitewide = isset( $scoper_options_sitewide ) && ! empty( $scoper_options_sitewide[$option_basename] );
 250	}
 251	
 252	if ( $sitewide ) {
 253		global $scoper_site_options;
 254		$scoper_site_options[$option_basename] = $option_val;
 255		
 256		//d_echo("<br /><br />sitewide: $option_basename, value : " . maybe_serialize($option_val) );
 257		update_site_option( "scoper_$option_basename", $option_val );
 258	} else {
 259		//d_echo("<br />blogwide: $option_basename" );
 260		global $scoper_blog_options;
 261		$scoper_blog_options[$option_basename] = $option_val;
 262
 263		update_option( "scoper_$option_basename", $option_val );
 264	}
 265}
 266
 267function scoper_apply_constants($stored_options) {
 268	// If file filtering option is on but the DISABLE constant has been set, turn the option off and regenerate .htaccess
 269	if ( defined( 'DISABLE_ATTACHMENT_FILTERING' ) && DISABLE_ATTACHMENT_FILTERING ) {
 270		if ( ! empty( $stored_options['scoper_file_filtering'] ) ) {
 271			// in this case, we need to both convert the option value to constant value AND trigger .htaccess regeneration
 272			$stored_options['file_filtering'] = 0;
 273			update_option( 'scoper_file_filtering', 0 );
 274			scoper_flush_site_rules();
 275			scoper_expire_file_rules();	
 276		}
 277	}
 278
 279	return $stored_options; 
 280}
 281
 282function scoper_retrieve_options( $sitewide = false ) {
 283	global $wpdb;
 284	
 285	if ( $sitewide ) {
 286		global $scoper_site_options;
 287		
 288		$scoper_site_options = array();
 289
 290		if ( $results = scoper_get_results( "SELECT meta_key, meta_value FROM $wpdb->sitemeta WHERE site_id = '$wpdb->siteid' AND meta_key LIKE 'scoper_%'" ) )
 291			foreach ( $results as $row )
 292				$scoper_site_options[$row->meta_key] = $row->meta_value;
 293				
 294		$scoper_site_options = apply_filters( 'site_options_rs', $scoper_site_options );
 295		return $scoper_site_options;
 296
 297	} else {
 298		global $scoper_blog_options;
 299		
 300		$scoper_blog_options = array();
 301		
 302		if ( $results = scoper_get_results("SELECT option_name, option_value FROM $wpdb->options WHERE option_name LIKE 'scoper_%'") )
 303			foreach ( $results as $row )
 304				$scoper_blog_options[$row->option_name] = $row->option_value;
 305				
 306		$scoper_blog_options = apply_filters( 'options_rs', $scoper_blog_options );
 307		return $scoper_blog_options;
 308	}
 309}
 310
 311
 312function scoper_get_site_option( $option_basename ) {
 313	return scoper_get_option( $option_basename, true );
 314}
 315
 316function scoper_get_option($option_basename, $sitewide = -1, $get_default = false) {
 317	global $scoper_default_options;
 318	
 319	//if ( empty( $scoper_default_options ) && did_action( 'scoper_init' ) )	// Make sure other plugins have had a chance to apply any filters to default options
 320	if ( empty( $scoper_default_options ) )
 321		scoper_refresh_default_options();
 322
 323	if ( ! $get_default ) {
 324		// allow explicit selection of sitewide / non-sitewide scope for better performance and update security
 325		if ( -1 === $sitewide ) {
 326			global $scoper_options_sitewide;
 327			$sitewide = isset( $scoper_options_sitewide ) && ! empty( $scoper_options_sitewide[$option_basename] );
 328		}
 329	
 330		//dump($scoper_options_sitewide);
 331		
 332		if ( $sitewide ) {
 333			// this option is set site-wide
 334			global $scoper_site_options;
 335			
 336			if ( ! isset($scoper_site_options) || is_null($scoper_site_options) )
 337				$scoper_site_options = scoper_retrieve_options( true );	
 338				
 339			if ( isset($scoper_site_options["scoper_{$option_basename}"]) )
 340				$optval = $scoper_site_options["scoper_{$option_basename}"];
 341			
 342		} else {
 343			//dump($option_basename);
 344			global $scoper_blog_options;
 345			
 346			if ( ! isset($scoper_blog_options) || is_null($scoper_blog_options) )
 347				$scoper_blog_options = scoper_retrieve_options( false );	
 348				
 349			if ( isset($scoper_blog_options["scoper_$option_basename"]) )
 350				$optval = $scoper_blog_options["scoper_$option_basename"];
 351		}
 352	}
 353	
 354	//dump($get_default);
 355	//dump($scoper_blog_options);
 356
 357	if ( ! isset( $optval ) ) {
 358		if ( ! empty($scoper_default_options) && ! empty( $scoper_default_options[$option_basename] ) )
 359			$optval = $scoper_default_options[$option_basename];
 360			
 361		if ( ! isset($optval) ) {
 362			global $scoper_default_otype_options;
 363			if ( isset( $scoper_default_otype_options[$option_basename] ) )
 364				return $scoper_default_otype_options[$option_basename];
 365			
 366			/*
 367			else {
 368				static $hardcode_option_defaults;
 369			
 370				if ( empty($hardcode_option_defaults) ) {
 371					require_once( dirname(__FILE__).'/defaults_rs.php');
 372					$hardcode_option_defaults = scoper_default_options();
 373				}
 374					
 375				if ( isset($hardcode_option_defaults[$option_basename]) )
 376					$optval = $hardcode_option_defaults[$option_basename];	
 377				else {
 378					static $hardcode_otype_option_defaults;
 379					
 380					if ( empty($hardcode_otype_option_defaults) )
 381						$hardcode_otype_option_defaults = scoper_default_otype_options();
 382					
 383					if ( isset($hardcode_otype_option_defaults[$option_basename]) )
 384						$optval = $hardcode_otype_option_defaults[$option_basename];	
 385				}	
 386			}
 387			*/
 388		}
 389	}
 390
 391	if ( isset($optval) )
 392		$optval = maybe_unserialize($optval);
 393	else
 394		$optval = '';
 395		
 396	// merge defaults into stored option array
 397	//if ( ! empty( $GLOBALS['scoper_option_arrays'][$option_basename] ) ) {
 398		
 399	if ( 'use_post_types' == $option_basename ) {
 400		static $default_post_types;
 401		if ( empty($default_post_types) || ! did_action('init') ) {
 402			$default_post_types = array();
 403			
 404			foreach ( array_diff( get_post_types( array( 'public' => true ) ), array( 'attachment' ) ) as $type )
 405				$default_post_types[$type] = 1;
 406		}
 407		
 408		$optval = array_merge( $default_post_types, (array) $optval );
 409
 410	} elseif ( 'use_taxonomies' == $option_basename ) {	
 411		static $default_taxonomies;
 412		if ( empty($default_taxonomies) || ! did_action('init') ) {
 413			$default_taxonomies = array();
 414			
 415			$taxonomies = get_taxonomies( array( 'public' => true ) );
 416			$taxonomies[] = 'nav_menu';
 417
 418			foreach ( $taxonomies as $taxonomy )
 419				$default_taxonomies[$taxonomy] = ( isset( $GLOBALS['rs_default_disable_taxonomies'][$taxonomy] ) ) ? 0 : 1;
 420		}
 421		
 422		$optval = array_diff_key( array_merge( $default_taxonomies, (array) $optval ), $GLOBALS['rs_forbidden_taxonomies'] );  // remove forbidden taxonomies, even if previously stored
 423	} elseif ( 'use_term_roles' == $option_basename ) {
 424		if ( $optval ) {
 425			foreach( array_keys($optval) as $key ) {
 426				$optval[$key] = array_diff_key( $optval[$key], $GLOBALS['rs_forbidden_taxonomies'] ); // remove forbidden taxonomies, even if previously stored
 427			}
 428		}
 429	}
 430	
 431	return $optval;
 432}
 433
 434function scoper_get_otype_option( $option_main_key, $src_name, $object_type = '', $access_name = '')  {
 435	static $otype_options;
 436
 437	// make sure we indicate object roles disabled if object type usage is completely disabled
 438	if ( 'use_object_roles' == $option_main_key ) {
 439		if ( ( 'post' == $src_name ) && $object_type ) {
 440			$use_object_types = scoper_get_option( 'use_post_types' );
 441			if ( ( ! empty($use_object_types) ) && empty( $use_object_types[$object_type] ) )	// since default is to enable all object types, don't interfere if no use_object_types option is stored
 442				return false;
 443		}
 444	}
 445	
 446	$key = "$option_main_key,$src_name,$object_type,$access_name";
 447
 448	if ( empty($otype_options) )
 449		$otype_options = array();
 450	elseif ( isset($otype_options[$key]) )
 451		return $otype_options[$key];
 452
 453	$stored_option = scoper_get_option($option_main_key);
 454
 455	$default_otype_options = scoper_get_default_otype_options();
 456	
 457	// RS stores all portions of the otype option array together, but blending is needed because RS Extensions or other plugins can filter the default otype options array for specific taxonomies / object types
 458	$optval = awp_blend_option_array( 'scoper_', $option_main_key, $default_otype_options, 1, $stored_option );
 459	
 460	// note: access_name-specific entries are not valid for most otype options (but possibly for teaser text front vs. rss)
 461	if ( isset ( $optval[$src_name] ) )
 462		$retval = $optval[$src_name];
 463	
 464	if ( $object_type && isset( $optval["$src_name:$object_type"] ) )
 465		$retval = $optval["$src_name:$object_type"];
 466	
 467	if ( $object_type && $access_name && isset( $optval["$src_name:$object_type:$access_name"] ) )
 468		$retval = $optval["$src_name:$object_type:$access_name"];
 469	
 470
 471	// if no match was found for a source request, accept any non-empty otype match
 472	if ( ! $object_type && ! isset($retval) )
 473		foreach ( $optval as $src_otype => $val )
 474			if ( $val && ( 0 === strpos( $src_otype, "$src_name:" ) ) )
 475				$retval = $val;
 476
 477	if ( ! isset($retval) )
 478		$retval = array();
 479		
 480	$otype_options[$key] = $retval;
 481	
 482	return $retval;
 483}
 484
 485function is_taxonomy_used_rs( $taxonomy ) {
 486	global $scoper_default_otype_options;
 487
 488	$stored_option = (array) scoper_get_option( 'use_term_roles' );
 489	foreach( array_merge( array_keys($scoper_default_otype_options['use_term_roles']), array_keys($stored_option) ) as $key ) {
 490		$term_roles[$key] = ( isset($scoper_default_otype_options['use_term_roles'][$key]) ) ? $scoper_default_otype_options['use_term_roles'][$key] : array();
 491		
 492		if ( isset( $stored_option[$key] ) )
 493			$term_roles[$key] =	array_merge( $term_roles[$key], $stored_option[$key] );
 494	}
 495
 496	foreach ( $term_roles as $taxonomies )  // keyed by src_otype
 497		if ( ! empty( $taxonomies[$taxonomy] ) )
 498			return true;
 499}
 500
 501function scoper_maybe_rewrite_inclusions ( $option_name = '' ) {
 502	if ( $option_name == 'rewrite_rules' )
 503		scoper_rewrite_inclusions();
 504}
 505
 506function scoper_rewrite_inclusions ( $option_name = '' ) {
 507	// force inclusion of required files in case flush_rules() is called from outside wp-admin, to prevent error when calling get_home_path() function
 508	if ( file_exists( ABSPATH . '/wp-admin/includes/misc.php' ) )
 509		include_once( ABSPATH . '/wp-admin/includes/misc.php' );
 510	
 511	if ( file_exists( ABSPATH . '/wp-admin/includes/file.php' ) )
 512		include_once( ABSPATH . '/wp-admin/includes/file.php' );	
 513}
 514
 515// htaccess directive intercepts direct access to uploaded files, converts to WP call with custom args to be caught by subsequent parse_query filter
 516// parse_query filter will return content only if user can read a containing post/page
 517function scoper_mod_rewrite_rules ( $rules ) {
 518	if ( defined( 'SCOPER_NO_HTACCESS' ) )
 519		return $rules;
 520	
 521	$file_filtering = scoper_get_option( 'file_filtering' );
 522
 523	global $scoper;
 524	if ( ! isset($scoper) || is_null($scoper) )
 525		scoper_init();
 526	
 527	require_once( dirname(__FILE__).'/rewrite-rules_rs.php' );
 528
 529	if ( IS_MU_RS ) {
 530		if ( $file_filtering ) {
 531			require_once( dirname(__FILE__).'/rewrite-mu_rs.php' );
 532			$rules = ScoperRewriteMU::insert_site_rules( $rules );
 533		}
 534	} else {
 535		if ( ! strpos( $rules, 'BEGIN Role Scoper' ) ) {
 536			$rs_rules = ScoperRewrite::build_site_rules();
 537			$rules .= $rs_rules;
 538		}
 539	}
 540
 541	return $rules;
 542}
 543
 544function scoper_flush_site_rules() {
 545	require_once( dirname(__FILE__).'/rewrite-rules_rs.php' );
 546	ScoperRewrite::update_site_rules( true );
 547}
 548
 549function scoper_clear_site_rules() {
 550	require_once( dirname(__FILE__).'/rewrite-rules_rs.php' );
 551	remove_filter('mod_rewrite_rules', 'scoper_mod_rewrite_rules');
 552	ScoperRewrite::update_site_rules( false );
 553}
 554
 555function scoper_flush_file_rules() {
 556	require_once( dirname(__FILE__).'/rewrite-rules_rs.php' );
 557	ScoperRewrite::update_blog_file_rules();
 558}
 559
 560
 561function scoper_clear_all_file_rules() {
 562	if ( IS_MU_RS ) {
 563		require_once( dirname(__FILE__).'/rewrite-mu_rs.php' );
 564		ScoperRewriteMU::clear_all_file_rules();
 565	} else {
 566		require_once( dirname(__FILE__).'/rewrite-rules_rs.php' );
 567		ScoperRewrite::update_blog_file_rules( false );
 568	} 
 569}
 570
 571
 572// forces content rules to be regenerated in every MU blog at next access
 573function scoper_expire_file_rules() {
 574	if ( IS_MU_RS )
 575		scoper_update_option( 'file_htaccess_min_date', agp_time_gmt(), true );
 576	else {
 577		if ( did_action( 'scoper_init' ) )
 578			scoper_flush_file_rules();  // for non-MU, just regenerate the file rules (for uploads folder) now
 579		else
 580			add_action( 'scoper_init', 'scoper_flush_file_rules' );
 581	}
 582}
 583	
 584	
 585function scoper_version_check() {
 586	$ver_change = false;
 587
 588	$ver = get_option('scoper_version');
 589	
 590	if ( empty($ver['db_version']) || version_compare( SCOPER_DB_VERSION, $ver['db_version'], '!=') ) {
 591		$ver_change = true;
 592		
 593		require_once( dirname(__FILE__).'/db-setup_rs.php');
 594		scoper_db_setup($ver['db_version']);
 595	}
 596
 597	// These maintenance operations only apply when a previous version of RS was installed 
 598	if ( ! empty($ver['version']) ) {
 599		
 600		if ( version_compare( SCOPER_VERSION, $ver['version'], '!=') ) {
 601			$ver_change = true;
 602
 603			require_once( dirname(__FILE__).'/admin/update_rs.php');
 604			scoper_version_updated( $ver['version'] );
 605
 606			scoper_check_revision_settings();
 607		}
 608		
 609	} else {
 610		// first-time install (or previous install was totally wiped)
 611		require_once( dirname(__FILE__).'/admin/update_rs.php');
 612		scoper_set_default_rs_roledefs();
 613	}
 614
 615	if ( $ver_change ) {
 616		$ver = array(
 617			'version' => SCOPER_VERSION, 
 618			'db_version' => SCOPER_DB_VERSION
 619		);
 620		
 621		update_option( 'scoper_version', $ver );
 622	}
 623}
 624
 625function scoper_get_role_handle($role_name, $role_type) {
 626	return $role_type . '_' . str_replace(' ', '_', $role_name);
 627}
 628
 629function scoper_role_names_to_handles($role_names, $role_type, $fill_keys = false) {
 630	$role_names = (array) $role_names;	
 631
 632	$role_handles = array();
 633	foreach ( $role_names as $role_name )
 634		if ( $fill_keys )
 635			$role_handles[ $role_type . '_' . str_replace(' ', '_', $role_name) ] = 1;
 636		else
 637			$role_handles[]= $role_type . '_' . str_replace(' ', '_', $role_name);
 638			
 639	return $role_handles;
 640}
 641
 642function scoper_explode_role_handle($role_handle) {
 643	global $scoper_role_types;
 644	$arr = (object) array();
 645	
 646	foreach ( $scoper_role_types as $role_type ) {
 647		if ( 0 === strpos($role_handle, $role_type . '_') ) {
 648			$arr->role_type = $role_type;
 649			$arr->role_name = substr($role_handle, strlen($role_type) + 1);
 650			break;
 651		}
 652	}
 653	
 654	return $arr;
 655}
 656
 657function scoper_role_handles_to_names($role_handles) {
 658	global $scoper_role_types;
 659
 660	$role_names = array();
 661	foreach ( $role_handles as $role_handle ) {
 662		foreach ( $scoper_role_types as $role_type )
 663			$role_handle = str_replace( $role_type . '_', '', $role_handle);
 664			
 665		$role_names[] = $role_handle;
 666	}
 667	
 668	return $role_names;
 669}
 670
 671function rs_notice($message) {
 672	if ( defined( 'RS_DEBUG' ) ) {
 673		require_once( dirname(__FILE__).'/error_rs.php' );
 674		awp_notice( $message, 'Role Scoper' );
 675	}
 676}
 677
 678
 679// db wrapper methods allow us to easily avoid re-filtering our own query
 680function scoper_db_method($method_name, $query) {
 681	global $wpdb;
 682	//static $buffer;
 683	
 684	if ( is_admin() ) { // Low-level query filtering is necessary due to WP API limitations pertaining to admin GUI.
 685						// But make sure we don't chew our own cud (currently not an issue for front end)
 686		global $scoper_status;
 687	
 688		if ( empty($scoper_status) )
 689			$scoper_status = (object) array();
 690			
 691		/*
 692		$use_buffer = ('query' != $method_name ) && empty($_POST);
 693		
 694		if ( $use_buffer ) {
 695			$key = md5($query);
 696			if ( isset($buffer[$key]) )
 697				return $buffer[$key];
 698		}
 699		*/
 700
 701		$scoper_status->querying_db = true;
 702		$results = call_user_func( array(&$wpdb, $method_name), $query );
 703		$scoper_status->querying_db = false;
 704		
 705		//if ( $use_buffer )
 706		//	$buffer[$key] = $results;
 707		
 708		return $results;
 709	} else
 710		return call_user_func( array(&$wpdb, $method_name), $query );
 711}
 712
 713function scoper_get_results($query) {
 714	return scoper_db_method('get_results', $query);
 715}
 716
 717function scoper_get_row($query) {
 718	return scoper_db_method('get_row', $query);
 719}
 720
 721function scoper_get_col($query) {
 722	return scoper_db_method('get_col', $query);
 723}
 724
 725function scoper_get_var($query) {
 726	return scoper_db_method('get_var', $query);
 727}
 728
 729function scoper_query($query) {
 730	return scoper_db_method('query', $query);
 731}
 732
 733function scoper_querying_db() {
 734	if ( isset($GLOBALS['scoper_status']) )
 735		return ! empty($GLOBALS['scoper_status']->querying_db);
 736}
 737
 738function scoper_any_role_limits() {
 739	global $wpdb;
 740	
 741	$any_limits = (object) array( 'date_limited' => false, 'start_date_gmt' => false, 'end_date_gmt' => false, 'content_date_limited' => false, 'content_min_date_gmt' => false, 'content_max_date_gmt' => false );
 742
 743	if ( scoper_get_var( "SELECT assignment_id FROM $wpdb->user2role2object_rs WHERE date_limited > 0 LIMIT 1" ) ) {
 744		$any_limits->date_limited = true;
 745		
 746		if ( scoper_get_var( "SELECT assignment_id FROM $wpdb->user2role2object_rs WHERE start_date_gmt > 0 LIMIT 1" ) )
 747			$any_limits->start_date_gmt = true;
 748			
 749		if ( scoper_get_var( "SELECT assignment_id FROM $wpdb->user2role2object_rs WHERE end_date_gmt != '" . SCOPER_MAX_DATE_STRING . "' LIMIT 1" ) )
 750			$any_limits->end_date_gmt = true;
 751	}
 752	
 753	if ( scoper_get_var( "SELECT assignment_id FROM $wpdb->user2role2object_rs WHERE content_date_limited > 0 LIMIT 1" ) ) {
 754		$any_limits->content_date_limited = true;
 755		
 756		if ( scoper_get_var( "SELECT assignment_id FROM $wpdb->user2role2object_rs WHERE content_min_date_gmt > 0 LIMIT 1" ) )
 757			$any_limits->content_min_date_gmt = true;
 758			
 759		if ( scoper_get_var( "SELECT assignment_id FROM $wpdb->user2role2object_rs WHERE content_max_date_gmt != '" . SCOPER_MAX_DATE_STRING . "' LIMIT 1" ) )
 760			$any_limits->content_max_date_gmt = true;
 761	}
 762	
 763	return $any_limits;
 764}
 765
 766function scoper_get_duration_clause( $content_date_comparison = '', $table_prefix = 'uro', $enforce_duration_limits = true ) {
 767	static $any_role_limits;
 768	
 769	$clause = '';
 770	
 771	if ( $enforce_duration_limits && scoper_get_option( 'role_duration_limits' ) ) {
 772		if ( ! isset($any_role_limits) )
 773			$any_role_limits = scoper_any_role_limits();
 774		
 775		if ( $any_role_limits->date_limited ) {
 776			$current_time = current_time( 'mysql', 1 );
 777			
 778			$subclauses = array();
 779			
 780			if ( $any_role_limits->start_date_gmt )
 781				$subclauses []= "$table_prefix.start_date_gmt <= '$current_time'";
 782			
 783			if ( $any_role_limits->end_date_gmt )
 784				$subclauses []= "$table_prefix.end_date_gmt >= '$current_time'";
 785			
 786			$role_duration_clause = implode( " AND ", $subclauses );
 787
 788			$clause = " AND ( $table_prefix.date_limited = '0' OR ( $role_duration_clause ) ) ";
 789		}
 790	}
 791
 792	if ( $content_date_comparison && scoper_get_option( 'role_content_date_limits' ) ) {
 793		
 794		if ( ! isset($any_role_limits) )
 795			$any_role_limits = scoper_any_role_limits();
 796		
 797		if ( $any_role_limits->content_date_limited ) {
 798			$current_time = current_time( 'mysql', 1 );
 799			
 800			$subclauses = array();
 801			
 802			if ( $any_role_limits->content_min_date_gmt )
 803				$subclauses []= "$content_date_comparison >= $table_prefix.content_min_date_gmt";
 804			
 805			if ( $any_role_limits->content_max_date_gmt )
 806				$subclauses []= "$content_date_comparison <= $table_prefix.content_max_date_gmt";
 807			
 808			$content_date_clause = implode( " AND ", $subclauses );
 809
 810			$clause .= " AND ( $table_prefix.content_date_limited = '0' OR ( $content_date_clause ) ) ";
 811		}
 812	}
 813	
 814	return $clause;
 815}
 816
 817function scoper_get_property_array( &$arr, $id_prop, $buffer_prop ) {
 818	if ( ! is_array($arr) )
 819		return;
 820
 821	$buffer = array();
 822		
 823	foreach ( array_keys($arr) as $key )
 824		$buffer[ $arr[$key]->$id_prop ] = ( isset($arr[$key]->$buffer_prop) ) ? $arr[$key]->$buffer_prop : '';
 825
 826	return $buffer;
 827}
 828
 829function scoper_restore_property_array( &$target_arr, $buffer_arr, $id_prop, $buffer_prop ) {
 830	if ( ! is_array($target_arr) || ! is_array($buffer_arr) )
 831		return;
 832		
 833	foreach ( array_keys($target_arr) as $key )
 834		if ( isset( $buffer_arr[ $target_arr[$key]->$id_prop ] ) )
 835			$target_arr[$key]->$buffer_prop = $buffer_arr[ $target_arr[$key]->$id_prop ];
 836}
 837
 838function scoper_get_taxonomy_usage( $src_name, $object_types = '' ) {
 839	$taxonomies = array();
 840	$object_types = (array) $object_types;
 841
 842	foreach( $object_types as $object_type ) {
 843		if ( taxonomy_exists( $object_type ) )
 844			$use_taxonomies = array( $object_type => 1 );	// taxonomy management roles are always applied
 845		else
 846			$use_taxonomies = scoper_get_otype_option( 'use_term_roles', $src_name, $object_type );
 847
 848		$taxonomies = array_merge( $taxonomies, array_intersect( (array) $use_taxonomies, array( 1 ) ) );  // array cast prevents PHP warning on first-time execution following update to RS 1.2
 849	}
 850	
 851	if ( $taxonomies ) {
 852		// make sure we indicate non-usage of term roles for taxonomies that are completely disabled for RS
 853		if ( 'post' == $src_name ) {
 854			$use_taxonomies = scoper_get_option( 'use_taxonomies' );
 855			$taxonomies = array_intersect_key( $taxonomies, array_intersect( $use_taxonomies, array( 1 ) ) );
 856		}
 857		
 858		return array_keys($taxonomies);
 859	} else
 860		return array();
 861}
 862
 863function cr_find_post_type( $post_arg = '', $return_default = true ) {
 864	// the post argument is already an object.  Just return its post_type property
 865	if ( is_object( $post_arg ) )
 866		return $post_arg->post_type;
 867
 868	if ( $post_arg ) {
 869		// post_arg is not an object.  If its value matches global post, use that
 870		if ( ! empty($GLOBALS['post']) && is_object($GLOBALS['post']) && ( $post_arg == $GLOBALS['post']->ID ) && ( 'revision' != $GLOBALS['post']->post_type ) ) {
 871			$_type = $GLOBALS['post']->post_type;
 872
 873			if ( 'revision' == $_type )
 874				$_type = get_post_field( 'post_type', $GLOBALS['post']->post_parent );
 875		}
 876			
 877		// we have a post id but it doesn't match global post, so retrieve it
 878		if ( $_post = get_post( $post_arg ) ) {
 879			$_type = $_post->post_type;
 880			
 881			if ( 'revision' == $_type )
 882				$_type = get_post_field( 'post_type', $_post->post_parent );
 883		}
 884		
 885		if ( ! empty($_type) )
 886			return $_type;
 887	}
 888	
 889	// no post id was passed in, or we couldn't retrieve it for some reason, so check $_REQUEST args
 890	global $pagenow;
 891
 892	if ( ! empty( $GLOBALS['post'] ) && is_object($GLOBALS['post']) && ! empty( $GLOBALS['post']->post_type ) ) {
 893		$object_type = $GLOBALS['post']->post_type;
 894
 895		if ( 'revision' == $object_type )
 896			$object_type = get_post_field( 'post_type', $GLOBALS['post']->post_parent );
 897
 898	} elseif ( ! empty( $GLOBALS['wp_query']->queried_object ) && ! empty( $GLOBALS['wp_query']->queried_object->post_type ) ) {
 899		$object_type = $GLOBALS['wp_query']->queried_object->post_type;
 900		
 901	} elseif ( ! empty( $GLOBALS['wp_query']->queried_object ) && ! empty( $GLOBALS['wp_query']->queried_object->name ) ) {
 902		$object_type = $GLOBALS['wp_query']->queried_object->name;
 903		
 904	} elseif ( in_array( $pagenow, array( 'post-new.php', 'edit.php' ) ) ) {
 905		$object_type = ! empty( $_GET['post_type'] ) ? $_GET['post_type'] : 'post';
 906		
 907	} elseif ( in_array( $pagenow, array( 'edit-tags.php' ) ) ) {
 908		$object_type = ! empty( $_GET['taxonomy'] ) ? $_GET['taxonomy'] : 'category';
 909
 910	} elseif ( in_array( $pagenow, array( 'admin-ajax.php' ) ) && ! empty( $_REQUEST['taxonomy'] ) ) {
 911		$object_type = $_REQUEST['taxonomy'];
 912		
 913	} elseif ( ! empty( $_POST['post_ID'] ) ) {
 914		if ( $_post = get_post( $_POST['post_ID'] ) )
 915			$object_type = $_post->post_type;
 916				
 917	} elseif ( ! empty( $_GET['post'] ) ) {	 // post.php
 918		if ( $_post = get_post( $_GET['post'] ) )
 919			$object_type = $_post->post_type;
 920	
 921	} elseif( ! empty( $GLOBALS['scoper_object_type'] ) ) {
 922		$object_type = $GLOBALS['scoper_object_type'];
 923
 924	} elseif( ! empty($_SERVER) && is_array($_SERVER) && isset( $_SERVER['HTTP_REFERER'] ) && is_string($_SERVER['HTTP_REFERER']) ) {
 925		if ( $pos = strpos( $_SERVER['HTTP_REFERER'], '?' ) ) {
 926			$arg_str = substr( $_SERVER['HTTP_REFERER'], $pos + 1 );
 927			$args = wp_parse_args( $arg_str );
 928	
 929			if ( ! empty( $args['post'] ) ) {
 930				if ( $_post = get_post( $args['post'] ) ) {
 931					if ( isset( $_post->post_type ) ) {
 932						//rs_errlog( "cr_find_post_type - {$_post->post_type} from http_referer" );
 933						return $_post->post_type;
 934					}
 935				}
 936			}	
 937		}
 938	}
 939
 940	if ( empty($object_type) ) {
 941		if ( $return_default ) // default to post type
 942			return 'post';
 943	} elseif ( 'any' != $object_type ) {
 944		return $object_type;
 945	}
 946}
 947
 948function cr_find_object_type( $src_name, $object = '' ) {
 949	if ( 'post' == $src_name )
 950		return cr_find_post_type( $object );
 951	
 952	global $scoper;
 953	$src = $scoper->data_sources->get( $src_name );
 954	$object_id = ( is_object($object ) ) ? $src->cols->id : $object;
 955
 956	return $scoper->data_sources->detect( 'type', $src_name, $object_id );
 957}
 958
 959function cr_get_type_object( $src_name, $object_type ) {
 960	if ( 'post' == $src_name )
 961		return get_post_type_object( $object_type );
 962		
 963	global $scoper;
 964	return $scoper->data_sources->member_property( $src_name, 'object_types', $object_type );
 965}
 966
 967function scoper_get_object_id($src_name = 'post', $object_type = '') {
 968	global $scoper;
 969	return $scoper->data_sources->detect( 'id', $src_name, 0, $object_type );	
 970}
 971
 972
 973function is_administrator_rs( $src_or_tx = '', $admin_type = 'content', $user = '' ) {
 974	if ( ! $user ) {
 975		global $current_user;
 976		$user = $current_user;
 977		
 978		if ( IS_MU_RS && function_exists('is_super_admin') && is_super_admin() ) {
 979			return true;
 980		}
 981	}
 982
 983	if ( empty($user->ID) )
 984		return false;
 985		
 986	$return = '';
 987
 988	$admin_cap_name = scoper_get_administrator_cap( $admin_type );
 989	$return = ! empty( $user->allcaps[$admin_cap_name] );
 990	
 991	if ( ! $return && $src_or_tx && ! empty($GLOBALS['scoper']) ) {
 992		if ( ! is_object($src_or_tx) ) {
 993			global $scoper;
 994			if ( ! $src_or_tx = $scoper->data_sources->get( $src_or_tx ) )
 995				$src_or_tx = $scoper->taxonomies->get( $src_or_tx );
 996		}
 997			
 998		if ( is_object($src_or_tx) && ! empty($src_or_tx->defining_module) ) {
 999			if ( ! in_array( $src_or_tx->defining_module, array( 'role-scoper', 'wordpress', 'wp' ) ) ) {
1000				// user is not a universal administrator, but are they an administrator for the specified module (plugin-defined data source) ?
1001				static $admin_caps;
1002				
1003				if ( ! isset($admin_caps) )
1004					$admin_caps = apply_filters( 'define_administrator_caps_rs', array() );
1005		
1006				if ( ! empty( $admin_caps[ $src_or_tx->defining_module ] ) )
1007					$return = ! empty( $user->allcaps[ $admin_caps[ $src_or_tx->defining_module ] ] );
1008			}
1009		}
1010	}
1011	
1012	return $return;
1013}
1014
1015function is_option_administrator_rs( $user = '' ) {
1016	return is_administrator_rs( '', 'option', $user );
1017}
1018
1019function is_user_administrator_rs( $user = '' ) {
1020	return is_administrator_rs( '', 'user', $user );
1021} 
1022
1023function is_content_administrator_rs( $user = '' ) {
1024	return is_administrator_rs( '', 'content', $user );
1025}
1026
1027function scoper_get_administrator_cap( $admin_type ) {
1028	if ( ! $admin_type )
1029		$admin_type = 'content';
1030	
1031	// Note: to differentiate content administrator role, define a custom cap such as "administer_all_content", add it to a custom Role, and add the following line to wp-config.php: define( 'SCOPER_CONTENT_ADMIN_CAP', 'cap_name' );
1032	$default_cap = array( 'option' => 'manage_options', 'user' => 'edit_users', 'content' => 'activate_plugins' );
1033
1034	$constant_name = 'SCOPER_' . strtoupper($admin_type) . '_ADMIN_CAP';
1035	$cap_name = ( defined( $constant_name ) ) ? constant( $constant_name ) : $default_cap[$admin_type];
1036	
1037	if ( 'read' == $cap_name )	// avoid catostrophic mistakes
1038		$cap_name = $default_cap[$admin_type];
1039		
1040	return $cap_name;
1041}
1042
1043?>