PageRenderTime 1128ms CodeModel.GetById 222ms app.highlight 602ms RepoModel.GetById 179ms app.codeStats 1ms

/classes/PodsAdmin.php

https://github.com/ElmsPark/pods
PHP | 1633 lines | 1116 code | 366 blank | 151 comment | 363 complexity | cf249ccd56a4ffe257cd6089ac755e0b MD5 | raw file

Large files files are truncated, but you can click here to view the full file

   1<?php
   2/**
   3 * @package Pods
   4 */
   5class PodsAdmin {
   6
   7    /**
   8     * @var PodsAPI
   9     */
  10    private $api;
  11
  12    /**
  13     * @var PodsData
  14     */
  15    private $data;
  16
  17    /**
  18     * Setup and Handle Admin functionality
  19     *
  20     * @license http://www.gnu.org/licenses/gpl-2.0.html
  21     * @since 2.0.0
  22     */
  23    public function __construct () {
  24        $this->api = pods_api();
  25        $this->data = pods_data();
  26
  27        // Scripts / Stylesheets
  28        add_action( 'admin_enqueue_scripts', array( $this, 'admin_head' ) );
  29
  30        // AJAX $_POST fix
  31        add_action( 'admin_init', array( $this, 'admin_init' ), 9 );
  32
  33        // Menus
  34        add_action( 'admin_menu', array( $this, 'admin_menu' ), 99 );
  35
  36        // AJAX for Admin
  37        add_action( 'wp_ajax_pods_admin', array( $this, 'admin_ajax' ) );
  38        add_action( 'wp_ajax_nopriv_pods_admin', array( $this, 'admin_ajax' ) );
  39
  40        // AJAX for Uploads
  41        add_action( 'wp_ajax_pods_upload', array( $this, 'admin_ajax_upload' ) );
  42        add_action( 'wp_ajax_nopriv_pods_upload', array( $this, 'admin_ajax_upload' ) );
  43
  44        // AJAX for Relationship lookups
  45        add_action( 'wp_ajax_pods_relationship', array( $this, 'admin_ajax_relationship' ) );
  46        add_action( 'wp_ajax_nopriv_pods_relationship', array( $this, 'admin_ajax_relationship' ) );
  47
  48        // Add Media Bar button for Shortcode
  49        add_action( 'media_buttons', array( $this, 'media_button' ), 12 );
  50
  51        // Add the Pods capabilities
  52        add_filter( 'members_get_capabilities', array( $this, 'admin_capabilities' ) );
  53
  54        add_action( 'admin_head-media-upload-popup', array( $this, 'register_media_assets' ) );
  55    }
  56
  57    /**
  58     * Init the admin area
  59     *
  60     * @since 2.0.0
  61     */
  62    public function admin_init () {
  63        // Fix for plugins that *don't do it right* so we don't cause issues for users
  64        if ( defined( 'DOING_AJAX' ) && !empty( $_POST ) && ( in_array( pods_var( 'action', 'get' ), array( 'pods_admin', 'pods_relationship', 'pods_upload', 'pods_admin_components' ) ) || in_array( pods_var( 'action', 'post' ), array( 'pods_admin', 'pods_relationship', 'pods_upload', 'pods_admin_components' ) ) ) ) {
  65            foreach ( $_POST as $key => $value ) {
  66                if ( 'action' == $key )
  67                    continue;
  68
  69                unset( $_POST[ $key ] );
  70
  71                $_POST[ '_podsfix_' . $key ] = $value;
  72            }
  73        }
  74    }
  75
  76    /**
  77     * Attach requirements to admin header
  78     *
  79     * @since 2.0.0
  80     */
  81    public function admin_head () {
  82        wp_register_style( 'pods-admin', PODS_URL . 'ui/css/pods-admin.css', array(), PODS_VERSION );
  83
  84        wp_register_script( 'pods-floatmenu', PODS_URL . 'ui/js/floatmenu.js', array(), PODS_VERSION );
  85
  86        wp_register_script( 'pods-admin-importer', PODS_URL . 'ui/js/admin-importer.js', array(), PODS_VERSION );
  87
  88        wp_register_style( 'pods-manage', PODS_URL . 'ui/css/pods-manage.css', array(), PODS_VERSION );
  89
  90        wp_register_style( 'pods-wizard', PODS_URL . 'ui/css/pods-wizard.css', array(), PODS_VERSION );
  91
  92        wp_register_script( 'pods-upgrade', PODS_URL . 'ui/js/jquery.pods.upgrade.js', array(), PODS_VERSION );
  93
  94        if ( isset( $_GET[ 'page' ] ) ) {
  95            $page = $_GET[ 'page' ];
  96            if ( 'pods' == $page || ( false !== strpos( $page, 'pods-' ) && 0 === strpos( $page, 'pods-' ) ) ) {
  97                ?>
  98            <script type="text/javascript">
  99                var PODS_URL = "<?php echo PODS_URL; ?>";
 100            </script>
 101            <?php
 102                wp_enqueue_script( 'jquery' );
 103                wp_enqueue_script( 'jquery-ui-core' );
 104                wp_enqueue_script( 'jquery-ui-sortable' );
 105
 106                wp_enqueue_style( 'jquery-ui' );
 107
 108                wp_enqueue_script( 'pods-floatmenu' );
 109
 110                wp_enqueue_style( 'pods-qtip' );
 111                wp_enqueue_script( 'jquery-qtip' );
 112                wp_enqueue_script( 'pods-qtip-init' );
 113
 114                wp_enqueue_script( 'pods' );
 115
 116                if ( 0 === strpos( $page, 'pods-manage-' ) || 0 === strpos( $page, 'pods-add-new-' ) )
 117                    wp_enqueue_script( 'post' );
 118                else
 119                    wp_enqueue_style( 'pods-admin' );
 120
 121                if ( 'pods-advanced' == $page ) {
 122                    wp_register_style( 'pods-advanced', PODS_URL . 'ui/css/pods-advanced.css', array(), '1.0' );
 123                    wp_enqueue_style( 'pods-advanced' );
 124
 125                    wp_enqueue_script( 'jquery-ui-effects-core', PODS_URL . 'ui/js/jquery-ui/jquery.effects.core.js', array( 'jquery' ), '1.8.8' );
 126                    wp_enqueue_script( 'jquery-ui-effects-fade', PODS_URL . 'ui/js/jquery-ui/jquery.effects.fade.js', array( 'jquery' ), '1.8.8' );
 127                    wp_enqueue_script( 'jquery-ui-dialog' );
 128
 129                    wp_register_script( 'pods-advanced', PODS_URL . 'ui/js/advanced.js', array(), PODS_VERSION );
 130                    wp_enqueue_script( 'pods-advanced' );
 131                }
 132                elseif ( 'pods-packages' == $page )
 133                    wp_enqueue_style( 'pods-wizard' );
 134                elseif ( 'pods-wizard' == $page || 'pods-upgrade' == $page || ( in_array( $page, array( 'pods', 'pods-add-new' ) ) && in_array( pods_var( 'action', 'get', 'manage' ), array( 'add', 'manage' ) ) ) ) {
 135                    wp_enqueue_style( 'pods-wizard' );
 136
 137                    if ( 'pods-upgrade' == $page )
 138                        wp_enqueue_script( 'pods-upgrade' );
 139                }
 140            }
 141        }
 142    }
 143
 144    /**
 145     * Buld the admin menus
 146     *
 147     * @since 2.0.0
 148     */
 149    public function admin_menu () {
 150        $results = $this->api->load_pods( array(
 151            'type' => 'pod'
 152        ) );
 153
 154        $all_pods = $this->api->load_pods();
 155
 156        if ( !PodsInit::$upgrade_needed ) {
 157            if ( false !== $results ) {
 158                $submenu = array();
 159
 160                $pods_pages = 0;
 161
 162                foreach ( (array) $results as $item ) {
 163                    if ( !is_super_admin() && !current_user_can( 'delete_users' ) && !current_user_can( 'pods' ) && !current_user_can( 'pods_content' ) && !current_user_can( 'pods_add_' . $item[ 'name' ] ) && !current_user_can( 'pods_edit_' . $item[ 'name' ] ) && !current_user_can( 'pods_delete_' . $item[ 'name' ] ) )
 164                        continue;
 165
 166                    if ( 1 == pods_var( 'show_in_menu', $item[ 'options' ], 0 ) ) {
 167                        $menu_label = pods_var_raw( 'menu_name', $item[ 'options' ], pods_var_raw( 'label', $item, ucwords( str_replace( '_', ' ', $item[ 'name' ] ) ), null, true ), null, true );
 168                        $menu_label = apply_filters( 'pods_admin_menu_label', $menu_label, $item );
 169
 170                        $singular_label = pods_var_raw( 'label_singular', $item[ 'options' ], pods_var_raw( 'label', $item, ucwords( str_replace( '_', ' ', $item[ 'name' ] ) ), null, true ), null, true );
 171                        $plural_label = pods_var_raw( 'label', $item, ucwords( str_replace( '_', ' ', $item[ 'name' ] ) ), null, true );
 172
 173                        $menu_icon = pods_var_raw( 'menu_icon', $item[ 'options' ], '', null, true );
 174
 175                        $parent_page = null;
 176
 177                        if ( is_super_admin() || current_user_can( 'delete_users' ) || current_user_can( 'pods' ) || current_user_can( 'pods_content' ) || current_user_can( 'pods_edit_' . $item[ 'name' ] ) || current_user_can( 'pods_delete_' . $item[ 'name' ] ) ) {
 178                            $pods_pages++;
 179
 180                            $parent_page = $page = 'pods-manage-' . $item[ 'name' ];
 181
 182                            add_menu_page( $menu_label, $menu_label, 'read', $parent_page, '', $menu_icon, '57.' . ( 10 < count( $pods_pages ) ? $pods_pages : '0' . $pods_pages ) );
 183
 184                            $all_title = $plural_label;
 185                            $all_label = __( 'All', 'pods' ) . ' ' . $plural_label;
 186
 187                            if ( $page == pods_var( 'page', 'get' ) ) {
 188                                if ( 'edit' == pods_var( 'action', 'get', 'manage' ) )
 189                                    $all_title = __( 'Edit', 'pods' ) . ' ' . $singular_label;
 190                                elseif ( 'add' == pods_var( 'action', 'get', 'manage' ) )
 191                                    $all_title = __( 'Add New', 'pods' ) . ' ' . $singular_label;
 192                            }
 193
 194                            add_submenu_page( $parent_page, $all_title, $all_label, 'read', $page, array( $this, 'admin_content' ) );
 195                        }
 196
 197                        if ( is_super_admin() || current_user_can( 'delete_users' ) || current_user_can( 'pods' ) || current_user_can( 'pods_content' ) || current_user_can( 'pods_add_' . $item[ 'name' ] ) ) {
 198                            $page = 'pods-add-new-' . $item[ 'name' ];
 199
 200                            if ( null === $parent_page ) {
 201                                $pods_pages++;
 202
 203                                $parent_page = $page;
 204
 205                                add_menu_page( $menu_label, $menu_label, 'read', $parent_page, '', $menu_icon, '57.' . ( 10 < count( $pods_pages ) ? $pods_pages : '0' . $pods_pages ) );
 206                            }
 207
 208                            $add_title = __( 'Add New', 'pods' ) . ' ' . $singular_label;
 209                            $add_label = __( 'Add New', 'pods' );
 210
 211                            add_submenu_page( $parent_page, $add_title, $add_label, 'read', $page, array( $this, 'admin_content' ) );
 212                        }
 213                    }
 214                    else
 215                        $submenu[] = $item;
 216                }
 217
 218                $submenu = apply_filters( 'pods_admin_menu_secondary_content', $submenu );
 219
 220                if ( !empty( $submenu ) && ( !defined( 'PODS_DISABLE_CONTENT_MENU' ) || !PODS_DISABLE_CONTENT_MENU ) ) {
 221                    $parent_page = null;
 222
 223                    foreach ( $submenu as $item ) {
 224                        $singular_label = pods_var_raw( 'label_singular', $item[ 'options' ], pods_var_raw( 'label', $item, ucwords( str_replace( '_', ' ', $item[ 'name' ] ) ), null, true ), null, true );
 225                        $plural_label = pods_var_raw( 'label', $item, ucwords( str_replace( '_', ' ', $item[ 'name' ] ) ), null, true );
 226
 227                        if ( is_super_admin() || current_user_can( 'delete_users' ) || current_user_can( 'pods' ) || current_user_can( 'pods_content' ) || current_user_can( 'pods_edit_' . $item[ 'name' ] ) || current_user_can( 'pods_delete_' . $item[ 'name' ] ) ) {
 228                            $page = 'pods-manage-' . $item[ 'name' ];
 229
 230                            if ( null === $parent_page ) {
 231                                $parent_page = $page;
 232
 233                                add_menu_page( 'Pods', 'Pods', 'read', $parent_page, null, PODS_URL . 'ui/images/icon16.png', '58.5' );
 234                            }
 235
 236                            $all_title = $plural_label;
 237                            $all_label = __( 'Manage', 'pods' ) . ' ' . $plural_label;
 238
 239                            if ( $page == pods_var( 'page', 'get' ) ) {
 240                                if ( 'edit' == pods_var( 'action', 'get', 'manage' ) )
 241                                    $all_title = __( 'Edit', 'pods' ) . ' ' . $singular_label;
 242                                elseif ( 'add' == pods_var( 'action', 'get', 'manage' ) )
 243                                    $all_title = __( 'Add New', 'pods' ) . ' ' . $singular_label;
 244                            }
 245
 246                            add_submenu_page( $parent_page, $all_title, $all_label, 'read', $page, array( $this, 'admin_content' ) );
 247                        }
 248                        elseif ( current_user_can( 'pods_add_' . $item[ 'name' ] ) ) {
 249                            $page = 'pods-add-new-' . $item[ 'name' ];
 250
 251                            if ( null === $parent_page ) {
 252                                $parent_page = $page;
 253
 254                                add_menu_page( 'Pods', 'Pods', 'read', $parent_page, null, PODS_URL . 'ui/images/icon16.png', '58.5' );
 255                            }
 256
 257                            $add_title = __( 'Add New', 'pods' ) . ' ' . $singular_label;
 258                            $add_label = __( 'Manage', 'pods' ) . ' ' . $plural_label;
 259
 260                            add_submenu_page( $parent_page, $add_title, $add_label, 'read', $page, array( $this, 'admin_content' ) );
 261                        }
 262                    }
 263                }
 264            }
 265
 266            $admin_menus = array(
 267                'pods' => array(
 268                    'label' => __( 'Edit Pods', 'pods' ),
 269                    'function' => array( $this, 'admin_setup' ),
 270                    'access' => 'pods'
 271                ),
 272                'pods-add-new' => array(
 273                    'label' => __( 'Add New', 'pods' ),
 274                    'function' => array( $this, 'admin_setup' ),
 275                    'access' => 'pods'
 276                ),
 277                'pods-components' => array(
 278                    'label' => __( 'Components', 'pods' ),
 279                    'function' => array( $this, 'admin_components' ),
 280                    'access' => 'pods_components'
 281                ),
 282                'pods-settings' => array(
 283                    'label' => __( 'Settings', 'pods' ),
 284                    'function' => array( $this, 'admin_settings' ),
 285                    'access' => 'pods_settings'
 286                ),
 287                'pods-help' => array(
 288                    'label' => __( 'Help', 'pods' ),
 289                    'function' => array( $this, 'admin_help' )
 290                )
 291            );
 292
 293            if ( empty( $all_pods ) )
 294                unset( $admin_menus[ 'pods' ] );
 295        }
 296        else {
 297            $admin_menus = array(
 298                'pods-upgrade' => array(
 299                    'label' => __( 'Upgrade', 'pods' ),
 300                    'function' => array( $this, 'admin_upgrade' ),
 301                    'access' => 'manage_options'
 302                ),
 303                'pods-settings' => array(
 304                    'label' => __( 'Settings', 'pods' ),
 305                    'function' => array( $this, 'admin_settings' ),
 306                    'access' => 'pods_settings'
 307                ),
 308                'pods-help' => array(
 309                    'label' => __( 'Help', 'pods' ),
 310                    'function' => array( $this, 'admin_help' )
 311                )
 312            );
 313
 314            add_action( 'admin_notices', array( $this, 'upgrade_notice' ) );
 315        }
 316
 317        $admin_menus = apply_filters( 'pods_admin_menu', $admin_menus );
 318
 319        $parent = false;
 320
 321        if ( !empty( $admin_menus ) && ( !defined( 'PODS_DISABLE_ADMIN_MENU' ) || !PODS_DISABLE_ADMIN_MENU ) ) {
 322            foreach ( $admin_menus as $page => $menu_item ) {
 323                if ( !is_super_admin() && !current_user_can( 'delete_users' ) && isset( $menu_item[ 'access' ] ) ) {
 324                    $access = (array) $menu_item[ 'access' ];
 325
 326                    $ok = false;
 327
 328                    foreach ( $access as $cap ) {
 329                        if ( current_user_can( $cap ) ) {
 330                            $ok = true;
 331
 332                            break;
 333                        }
 334                    }
 335
 336                    if ( !$ok )
 337                        continue;
 338                }
 339
 340                // Don't just show the help page
 341                if ( false === $parent && 'pods-help' == $page )
 342                    continue;
 343
 344                if ( !isset( $menu_item[ 'label' ] ) )
 345                    $menu_item[ 'label' ] = $page;
 346
 347                if ( false === $parent ) {
 348                    $parent = $page;
 349
 350                    $menu = __( 'Pods Admin', 'pods' );
 351
 352                    if ( 'pods-upgrade' == $parent )
 353                        $menu = __( 'Pods Upgrade', 'pods' );
 354
 355                    add_menu_page( $menu, $menu, 'read', $parent, null, PODS_URL . 'ui/images/icon16.png' );
 356                }
 357
 358                add_submenu_page( $parent, $menu_item[ 'label' ], $menu_item[ 'label' ], 'read', $page, $menu_item[ 'function' ] );
 359
 360                if ( 'pods-components' == $page )
 361                    PodsInit::$components->menu( $parent );
 362            }
 363        }
 364    }
 365
 366    public function upgrade_notice () {
 367        echo '<div class="error fade"><p>';
 368        echo sprintf(
 369            __( '<strong>NOTICE:</strong> Pods %s requires your action to complete the upgrade. Please run the <a href="%s">Upgrade Wizard</a>.', 'pods' ),
 370            PODS_VERSION,
 371            admin_url( 'admin.php?page=pods-upgrade' )
 372        );
 373        echo '</p></div>';
 374    }
 375
 376    /**
 377     * Create PodsUI content for the administration pages
 378     */
 379    public function admin_content () {
 380        $pod_name = str_replace( array( 'pods-manage-', 'pods-add-new-' ), '', $_GET[ 'page' ] );
 381
 382        $pod = pods( $pod_name, pods_var( 'id', 'get', null, null, true ) );
 383
 384        $default = 'manage';
 385
 386        if ( false !== strpos( $_GET[ 'page' ], 'pods-add-new-' ) )
 387            $default = 'add';
 388
 389        $actions_disabled = array(
 390            'duplicate' => 'duplicate',
 391            'view' => 'view',
 392            'export' => 'export'
 393        );
 394
 395        if ( 1 == pods_var( 'ui_export', $pod->pod_data[ 'options' ], 0 ) )
 396            unset( $actions_disabled[ 'export' ] );
 397
 398        $author_restrict = false;
 399
 400        if ( isset( $pod->fields[ 'author' ] ) && 'pick' == $pod->fields[ 'author' ][ 'type' ] && 'user' == $pod->fields[ 'author' ][ 'pick_object' ] )
 401            $author_restrict = 'author.ID';
 402
 403        if ( !is_super_admin() && !current_user_can( 'delete_users' ) && !current_user_can( 'pods' ) && !current_user_can( 'pods_content' ) ) {
 404            if ( !current_user_can( 'pods_add_' . $pod_name ) ) {
 405                $actions_disabled[ 'add' ] = 'add';
 406                $default = 'manage';
 407            }
 408
 409            if ( !$author_restrict && !current_user_can( 'pods_edit_' . $pod_name ) && !current_user_can( 'pods_edit_others_' . $pod_name ) )
 410                $actions_disabled[ 'edit' ] = 'edit';
 411
 412            if ( !$author_restrict && !current_user_can( 'pods_delete_' . $pod_name ) && !current_user_can( 'pods_delete_others_' . $pod_name ) )
 413                $actions_disabled[ 'delete' ] = 'delete';
 414
 415            if ( !current_user_can( 'pods_export_' . $pod_name ) )
 416                $actions_disabled[ 'export' ] = 'export';
 417        }
 418
 419        $_GET[ 'action' ] = pods_var( 'action', 'get', $default );
 420
 421        $index = $pod->pod_data[ 'field_id' ];
 422        $label = __( 'ID', 'pods' );
 423
 424        if ( isset( $pod->pod_data[ 'fields' ][ $pod->pod_data[ 'field_index' ] ] ) ) {
 425            $index = $pod->pod_data[ 'field_index' ];
 426            $label = $pod->pod_data[ 'fields' ][ $pod->pod_data[ 'field_index' ] ];
 427        }
 428
 429        $manage = array(
 430            $index => $label
 431        );
 432
 433        if ( isset( $pod->pod_data[ 'fields' ][ 'modified' ] ) )
 434            $manage[ 'modified' ] = $pod->pod_data[ 'fields' ][ 'modified' ][ 'label' ];
 435
 436        $manage = apply_filters( 'pods_admin_ui_fields_' . $pod->pod, apply_filters( 'pods_admin_ui_fields', $manage, $pod->pod, $pod ), $pod->pod, $pod );
 437
 438        $ui = array(
 439            'pod' => $pod,
 440            'fields' => array(
 441                'manage' => $manage,
 442                'add' => $pod->pod_data[ 'fields' ],
 443                'edit' => $pod->pod_data[ 'fields' ],
 444                'duplicate' => $pod->pod_data[ 'fields' ]
 445            ),
 446            'actions_disabled' => $actions_disabled
 447        );
 448
 449        if ( !empty( $author_restrict ) )
 450            $ui[ 'restrict' ] = array( 'author_restrict' => $author_restrict );
 451
 452        if ( !in_array( 'delete', $ui[ 'actions_disabled' ] ) ) {
 453            $ui[ 'actions_bulk' ] = array(
 454                'delete' => array(
 455                    'label' => __( 'Delete', 'pods' )
 456                    // callback not needed, Pods has this built-in for delete
 457                )
 458            );
 459        }
 460
 461        // @todo Customize the Add New / Manage links to point to their correct menu items
 462
 463        $ui = apply_filters( 'pods_admin_ui_' . $pod->pod, apply_filters( 'pods_admin_ui', $ui, $pod->pod, $pod ), $pod->pod, $pod );
 464
 465        pods_ui( $ui );
 466    }
 467
 468    /**
 469     * Add media button for Pods shortcode
 470     *
 471     * @param $context
 472     *
 473     * @return string
 474     */
 475    public function media_button ( $context = null ) {
 476        $current_page = basename( $_SERVER[ 'PHP_SELF' ] );
 477        $current_page = explode( '?', $current_page );
 478        $current_page = explode( '#', $current_page[ 0 ] );
 479        $current_page = $current_page[ 0 ];
 480
 481        // Only show the button on post type pages
 482        if ( !in_array( $current_page, array( 'post-new.php', 'post.php' ) ) )
 483            return $context;
 484
 485        add_action( 'admin_footer', array( $this, 'mce_popup' ) );
 486
 487        echo '<a href="#TB_inline?width=640&inlineId=pods_shortcode_form" class="thickbox" id="add_pod_button" title="Pods Shortcode"><img src="' . PODS_URL . 'ui/images/icon16.png" alt="Pods Shortcode" /></a>';
 488    }
 489
 490    /**
 491     * Enqueue assets for Media Library Popup
 492     */
 493    public function register_media_assets () {
 494        if ( 'pods_media_attachment' == pods_var( 'inlineId', 'get' ) )
 495            wp_enqueue_style( 'pods-attach' );
 496    }
 497
 498    /**
 499     * Output Pods shortcode popup window
 500     */
 501    public function mce_popup () {
 502        pods_view( PODS_DIR . 'ui/admin/shortcode.php', compact( array_keys( get_defined_vars() ) ) );
 503    }
 504
 505    /**
 506     * Handle main Pods Setup area for managing Pods and Fields
 507     */
 508    public function admin_setup () {
 509        $pods = $this->api->load_pods();
 510
 511        $view = pods_var( 'view', 'get', 'all', null, true );
 512
 513        if ( empty( $pods ) && !isset( $_GET[ 'action' ] ) )
 514            $_GET[ 'action' ] = 'add';
 515
 516        if ( 'pods-add-new' == $_GET[ 'page' ] ) {
 517            if ( isset( $_GET[ 'action' ] ) && 'add' != $_GET[ 'action' ] )
 518                pods_redirect( pods_var_update( array( 'page' => 'pods', 'action' => $_GET[ 'action' ] ) ) );
 519            else
 520                $_GET[ 'action' ] = 'add';
 521        }
 522        elseif ( isset( $_GET[ 'action' ] ) && 'add' == $_GET[ 'action' ] )
 523            pods_redirect( pods_var_update( array( 'page' => 'pods-add-new', 'action' => '' ) ) );
 524
 525        $types = array(
 526            'post_type' => __( 'Post Type (extended)', 'pods' ),
 527            'taxonomy' => __( 'Taxonomy (extended)', 'pods' ),
 528            'cpt' => __( 'Custom Post Type', 'pods' ),
 529            'ct' => __( 'Custom Taxonomy', 'pods' ),
 530            'user' => __( 'User (extended)', 'pods' ),
 531            'media' => __( 'Media (extended)', 'pods' ),
 532            'comment' => __( 'Comments (extended)', 'pods' ),
 533            'pod' => __( 'Advanced Content Type', 'pods' )
 534        );
 535
 536        $row = false;
 537
 538        $pod_types_found = array();
 539
 540        foreach ( $pods as $k => &$pod ) {
 541            if ( isset( $types[ $pod[ 'type' ] ] ) ) {
 542                if ( in_array( $pod[ 'type' ], array( 'post_type', 'taxonomy' ) ) ) {
 543                    if ( empty( $pod[ 'object' ] ) ) {
 544                        if ( 'post_type' == $pod[ 'type' ] )
 545                            $pod[ 'type' ] = 'cpt';
 546                        else
 547                            $pod[ 'type' ] = 'ct';
 548                    }
 549                }
 550
 551                if ( !isset( $pod_types_found[ $pod[ 'type' ] ] ) )
 552                    $pod_types_found[ $pod[ 'type' ] ] = 1;
 553                else
 554                    $pod_types_found[ $pod[ 'type' ] ]++;
 555
 556                if ( 'all' != $view && $view != $pod[ 'type' ] ) {
 557                    unset( $pods[ $k ] );
 558
 559                    continue;
 560                }
 561
 562                $pod[ 'type' ] = $types[ $pod[ 'type' ] ];
 563            }
 564            elseif ( 'all' != $view )
 565                continue;
 566
 567            $pod[ 'storage' ] = ucwords( $pod[ 'storage' ] );
 568
 569            if ( $pod[ 'id' ] == pods_var( 'id' ) && 'delete' != pods_var( 'action' ) )
 570                $row = $pod;
 571        }
 572
 573        if ( false === $row && 0 < pods_var( 'id' ) && 'delete' != pods_var( 'action' ) ) {
 574            pods_message( 'Pod not found', 'error' );
 575
 576            unset( $_GET[ 'id' ] );
 577            unset( $_GET[ 'action' ] );
 578        }
 579
 580        $ui = array(
 581            'data' => $pods,
 582            'row' => $row,
 583            'total' => count( $pods ),
 584            'total_found' => count( $pods ),
 585            'icon' => PODS_URL . 'ui/images/icon32.png',
 586            'items' => 'Pods',
 587            'item' => 'Pod',
 588            'fields' => array(
 589                'manage' => array(
 590                    'label' => array( 'label' => __( 'Label', 'pods' ) ),
 591                    'name' => array( 'label' => __( 'Name', 'pods' ) ),
 592                    'type' => array( 'label' => __( 'Type', 'pods' ) ),
 593                    'storage' => array( 'label' => __( 'Storage Type', 'pods' ) )
 594                )
 595            ),
 596            'actions_disabled' => array( 'duplicate', 'view', 'export' ),
 597            'actions_custom' => array(
 598                'add' => array( $this, 'admin_setup_add' ),
 599                'edit' => array( $this, 'admin_setup_edit' ),
 600                'reset' => array(
 601                    'label' => __( 'Delete All Items', 'pods' ),
 602                    'confirm' => __( 'Are you sure you want to delete all items from this Pod?', 'pods' ),
 603                    'callback' => array( $this, 'admin_setup_reset' )
 604                ),
 605                'delete' => array( $this, 'admin_setup_delete' )
 606            ),
 607            'action_links' => array(
 608                'add' => pods_var_update( array( 'page' => 'pods-add-new', 'action' => '' ) )
 609            ),
 610            'search' => false,
 611            'searchable' => false,
 612            'sortable' => true,
 613            'pagination' => false
 614        );
 615
 616        if ( 1 < count( $pod_types_found ) ) {
 617            $ui[ 'views' ] = array( 'all' => __( 'All', 'pods' ) );
 618            $ui[ 'view' ] = $view;
 619            $ui[ 'heading' ] = array( 'views' => __( 'Type', 'pods' ) );
 620            $ui[ 'filters_enhanced' ] = true;
 621
 622            foreach ( $pod_types_found as $pod_type => $number_found ) {
 623                $ui[ 'views' ][ $pod_type ] = $types[ $pod_type ];
 624            }
 625        }
 626
 627        pods_ui( $ui );
 628    }
 629
 630    /**
 631     * Get the add page of an object
 632     *
 633     * @param $obj
 634     */
 635    public function admin_setup_add ( $obj ) {
 636        pods_view( PODS_DIR . 'ui/admin/setup-add.php', compact( array_keys( get_defined_vars() ) ) );
 637    }
 638
 639    /**
 640     * Get the edit page of an object
 641     *
 642     * @param $duplicate
 643     * @param $obj
 644     */
 645    public function admin_setup_edit ( $duplicate, $obj ) {
 646        pods_view( PODS_DIR . 'ui/admin/setup-edit.php', compact( array_keys( get_defined_vars() ) ) );
 647    }
 648
 649    /**
 650     * Delete a pod
 651     *
 652     * @param $id
 653     * @param $obj
 654     *
 655     * @return mixed
 656     */
 657    public function admin_setup_delete ( $id, &$obj ) {
 658        $pod = $this->api->load_pod( array( 'id' => $id ), false );
 659
 660        if ( empty( $pod ) )
 661            return $obj->error( __( 'Pod not found.', 'pods' ) );
 662
 663        $this->api->delete_pod( array( 'id' => $id ) );
 664
 665        unset( $obj->data[ $pod[ 'id' ] ] );
 666
 667        $obj->total = count( $obj->data );
 668        $obj->total_found = count( $obj->data );
 669
 670        $obj->message( __( 'Pod deleted successfully.', 'pods' ) );
 671    }
 672
 673    /**
 674     * Reset a pod
 675     *
 676     * @param $id
 677     * @param $obj
 678     *
 679     * @return mixed
 680     */
 681    public function admin_setup_reset ( &$obj, $id ) {
 682        $pod = $this->api->load_pod( array( 'id' => $id ), false );
 683
 684        if ( empty( $pod ) )
 685            return $obj->error( __( 'Pod not found.', 'pods' ) );
 686
 687        $this->api->reset_pod( array( 'id' => $id ) );
 688
 689        $obj->message( __( 'Pod reset successfully.', 'pods' ) );
 690
 691        $obj->manage();
 692    }
 693
 694    /**
 695     * Get advanced administration view.
 696     */
 697    public function admin_advanced () {
 698        pods_view( PODS_DIR . 'ui/admin/advanced.php', compact( array_keys( get_defined_vars() ) ) );
 699    }
 700
 701    /**
 702     * Get settings administration view
 703     */
 704    public function admin_settings () {
 705        pods_view( PODS_DIR . 'ui/admin/settings.php', compact( array_keys( get_defined_vars() ) ) );
 706    }
 707
 708    /**
 709     * Get components administration UI
 710     */
 711    public function admin_components () {
 712        $components = PodsInit::$components->components;
 713
 714        $view = pods_var( 'view', 'get', 'all', null, true );
 715
 716        foreach ( $components as $component => &$component_data ) {
 717            if ( 'all' != $view && ( !isset( $component_data[ 'Category' ] ) || $view != sanitize_title( $component_data[ 'Category' ] ) ) ) {
 718                unset( $components[ $component ] );
 719
 720                continue;
 721            }
 722
 723            $component_data[ 'Name' ] = strip_tags( $component_data[ 'Name' ] );
 724
 725            $meta = array();
 726
 727            if ( !empty( $component_data[ 'Version' ] ) )
 728                $meta[] = 'Version ' . $component_data[ 'Version' ];
 729
 730            if ( empty( $component_data[ 'Author' ] ) ) {
 731                $component_data[ 'Author' ] = 'Pods Framework Team';
 732                $component_data[ 'AuthorURI' ] = 'http://pods.io/';
 733            }
 734
 735            if ( !empty( $component_data[ 'AuthorURI' ] ) )
 736                $component_data[ 'Author' ] = '<a href="' . $component_data[ 'AuthorURI' ] . '">' . $component_data[ 'Author' ] . '</a>';
 737
 738            $meta[] = sprintf( __( 'by %s', 'pods' ), $component_data[ 'Author' ] );
 739
 740            if ( !empty( $component_data[ 'URI' ] ) )
 741                $meta[] = '<a href="' . $component_data[ 'URI' ] . '">' . __( 'Visit component site', 'pods' ) . '</a>';
 742
 743            $component_data[ 'Description' ] = wpautop( make_clickable( strip_tags( $component_data[ 'Description' ], 'em,strong' ) ) );
 744
 745            if ( !empty( $meta ) )
 746                $component_data[ 'Description' ] .= '<div class="pods-component-version-author-uri">' . implode( ' | ', $meta ) . '</div>';
 747
 748            $component_data = array(
 749                'id' => $component_data[ 'ID' ],
 750                'name' => $component_data[ 'Name' ],
 751                'category' => $component_data[ 'Category' ],
 752                'description' => $component_data[ 'Description' ],
 753                'developermode' => pods_var_raw( 'DeveloperMode', $component_data, false ),
 754                'mustuse' => pods_var_raw( 'MustUse', $component_data, false ),
 755                'toggle' => 0
 756            );
 757
 758            if ( $component_data[ 'developermode' ] ) {
 759                if ( !pods_developer() ) {
 760                    unset( $components[ $component ] );
 761
 762                    continue;
 763                }
 764
 765                $component_data[ 'name' ] .= ' <em style="font-weight: normal;">(Developer Preview)</em>';
 766            }
 767
 768            if ( isset( PodsInit::$components->settings[ 'components' ][ $component_data[ 'id' ] ] ) && 0 != PodsInit::$components->settings[ 'components' ][ $component_data[ 'id' ] ] )
 769                $component_data[ 'toggle' ] = 1;
 770            elseif ( $component_data[ 'mustuse' ] )
 771                $component_data[ 'toggle' ] = 1;
 772        }
 773
 774        $ui = array(
 775            'data' => $components,
 776            'total' => count( $components ),
 777            'total_found' => count( $components ),
 778            'icon' => PODS_URL . 'ui/images/icon32.png',
 779            'items' => 'Components',
 780            'item' => 'Component',
 781            'fields' => array(
 782                'manage' => array(
 783                    'name' => array(
 784                        'label' => __( 'Name', 'pods' ),
 785                        'width' => '30%',
 786                        'type' => 'text'
 787                    ),
 788                    'category' => array(
 789                        'label' => __( 'Category', 'pods' ),
 790                        'width' => '10%',
 791                        'type' => 'text'
 792                    ),
 793                    'description' => array(
 794                        'label' => __( 'Description', 'pods' ),
 795                        'width' => '60%',
 796                        'type' => 'text'
 797                    )
 798                )
 799            ),
 800            'actions_disabled' => array( 'duplicate', 'view', 'export', 'add', 'edit', 'delete' ),
 801            'actions_custom' => array(
 802                'toggle' => array( 'callback' => array( $this, 'admin_components_toggle' ) )
 803            ),
 804            'filters_enhanced' => true,
 805            'views' => array(
 806                'all' => __( 'All', 'pods' ),
 807                'field-types' => __( 'Field Types', 'pods' ),
 808                'tools' => __( 'Tools', 'pods' ),
 809                'integration' => __( 'Integration', 'pods' ),
 810                'migration' => __( 'Migration', 'pods' ),
 811                'advanced' => __( 'Advanced', 'pods' )
 812            ),
 813            'view' => $view,
 814            'heading' => array(
 815                'views' => __( 'Category', 'pods' )
 816            ),
 817            'search' => false,
 818            'searchable' => false,
 819            'sortable' => false,
 820            'pagination' => false
 821        );
 822
 823        pods_ui( $ui );
 824    }
 825
 826    /**
 827     * Toggle a component on or off
 828     *
 829     * @param PodsUI $ui
 830     *
 831     * @return bool
 832     */
 833    public function admin_components_toggle ( PodsUI $ui ) {
 834        $component = $_GET[ 'id' ];
 835
 836        if ( !empty( PodsInit::$components->components[ $component ][ 'PluginDependency' ] ) ) {
 837            $dependency = explode( '|', PodsInit::$components->components[ $component ][ 'PluginDependency' ] );
 838
 839            if ( !pods_is_plugin_active( $dependency[ 1 ] ) ) {
 840                $website = 'http://wordpress.org/extend/plugins/' . dirname( $dependency[ 1 ] ) . '/';
 841
 842                if ( isset( $dependency[ 2 ] ) )
 843                    $website = $dependency[ 2 ];
 844
 845                if ( !empty( $website ) )
 846                    $website = ' ' . sprintf( __( 'You can find it at %s', 'pods' ), '<a href="' . $website . '" target="_blank">' . $website . '</a>' );
 847
 848                $message = sprintf( __( 'The %s component requires that you have the <strong>%s</strong> plugin installed and activated.', 'pods' ), PodsInit::$components->components[ $component ][ 'Name' ], $dependency[ 0 ] ) . $website;
 849
 850                $ui->error( $message );
 851
 852                $ui->manage();
 853
 854                return;
 855            }
 856        }
 857
 858        if ( !empty( PodsInit::$components->components[ $component ][ 'ThemeDependency' ] ) ) {
 859            $dependency = explode( '|', PodsInit::$components->components[ $component ][ 'ThemeDependency' ] );
 860
 861            if ( strtolower( $dependency[ 1 ] ) != strtolower( get_template() ) && strtolower( $dependency[ 1 ] ) != strtolower( get_stylesheet() ) ) {
 862                $website = '';
 863
 864                if ( isset( $dependency[ 2 ] ) )
 865                    $website = ' ' . sprintf( __( 'You can find it at %s', 'pods' ), '<a href="' . $dependency[ 2 ] . '" target="_blank">' . $dependency[ 2 ] . '</a>' );
 866
 867                $message = sprintf( __( 'The %s component requires that you have the <strong>%s</strong> theme installed and activated.', 'pods' ), PodsInit::$components->components[ $component ][ 'Name' ], $dependency[ 0 ] ) . $website;
 868
 869                $ui->error( $message );
 870
 871                $ui->manage();
 872
 873                return;
 874            }
 875        }
 876
 877        if ( !empty( PodsInit::$components->components[ $component ][ 'MustUse' ] ) ) {
 878            $message = sprintf( __( 'The %s component can not be disabled from here. You must deactivate the plugin or theme that added it.', 'pods' ), PodsInit::$components->components[ $component ][ 'Name' ] );
 879
 880            $ui->error( $message );
 881
 882            $ui->manage();
 883
 884            return;
 885        }
 886
 887        if ( 1 == pods_var( 'toggled' ) ) {
 888            $toggle = PodsInit::$components->toggle( $component );
 889
 890            if ( true === $toggle )
 891                $ui->message( PodsInit::$components->components[ $component ][ 'Name' ] . ' ' . __( 'Component enabled', 'pods' ) );
 892            elseif ( false === $toggle )
 893                $ui->message( PodsInit::$components->components[ $component ][ 'Name' ] . ' ' . __( 'Component disabled', 'pods' ) );
 894
 895            $components = PodsInit::$components->components;
 896
 897            foreach ( $components as $component => &$component_data ) {
 898                $toggle = 0;
 899
 900                if ( isset( PodsInit::$components->settings[ 'components' ][ $component_data[ 'ID' ] ] ) ) {
 901                    if ( 0 != PodsInit::$components->settings[ 'components' ][ $component_data[ 'ID' ] ] )
 902                        $toggle = 1;
 903                }
 904                if ( true === $component_data[ 'DeveloperMode' ] ) {
 905                    if ( !pods_developer() ) {
 906                        unset( $components[ $component ] );
 907                        continue;
 908                    }
 909                }
 910
 911                $component_data = array(
 912                    'id' => $component_data[ 'ID' ],
 913                    'name' => $component_data[ 'Name' ],
 914                    'description' => make_clickable( $component_data[ 'Description' ] ),
 915                    'version' => $component_data[ 'Version' ],
 916                    'author' => $component_data[ 'Author' ],
 917                    'toggle' => $toggle
 918                );
 919            }
 920
 921            $ui->data = $components;
 922
 923            pods_transient_clear( 'pods_components' );
 924
 925            $url = pods_var_update( array( 'toggled' => null ) );
 926
 927            pods_redirect( $url );
 928        }
 929        elseif ( 1 == pods_var( 'toggle' ) )
 930            $ui->message( PodsInit::$components->components[ $component ][ 'Name' ] . ' ' . __( 'Component enabled', 'pods' ) );
 931        else
 932            $ui->message( PodsInit::$components->components[ $component ][ 'Name' ] . ' ' . __( 'Component disabled', 'pods' ) );
 933
 934        $ui->manage();
 935    }
 936
 937    /**
 938     * Get the admin upgrade page
 939     */
 940    public function admin_upgrade () {
 941        foreach ( PodsInit::$upgrades as $old_version => $new_version ) {
 942            if ( version_compare( $old_version, PodsInit::$version_last, '<=' ) && version_compare( PodsInit::$version_last, $new_version, '<' ) ) {
 943                $new_version = str_replace( '.', '_', $new_version );
 944
 945                pods_view( PODS_DIR . 'ui/admin/upgrade/upgrade_' . $new_version . '.php', compact( array_keys( get_defined_vars() ) ) );
 946
 947                break;
 948            }
 949        }
 950    }
 951
 952    /**
 953     * Get the admin help page
 954     */
 955    public function admin_help () {
 956        pods_view( PODS_DIR . 'ui/admin/help.php', compact( array_keys( get_defined_vars() ) ) );
 957    }
 958
 959    /**
 960     * Add pods specific capabilities.
 961     *
 962     * @param $capabilities List of extra capabilities to add
 963     *
 964     * @return array
 965     */
 966    public function admin_capabilities ( $capabilities ) {
 967        $pods = $this->api->load_pods();
 968
 969        $capabilities[] = 'pods';
 970        $capabilities[] = 'pods_content';
 971        $capabilities[] = 'pods_settings';
 972        $capabilities[] = 'pods_components';
 973
 974        foreach ( $pods as $pod ) {
 975            if ( !in_array( $pod[ 'type' ], array( 'pod', 'table' ) ) )
 976                continue;
 977
 978            $capabilities[] = 'pods_add_' . $pod[ 'name' ];
 979            $capabilities[] = 'pods_edit_' . $pod[ 'name' ];
 980
 981            if ( isset( $pod[ 'fields' ][ 'author' ] ) && 'pick' == $pod[ 'fields' ][ 'author' ][ 'type' ] && 'user' == $pod[ 'fields' ][ 'author' ][ 'pick_object' ] )
 982                $capabilities[] = 'pods_edit_others_' . $pod[ 'name' ];
 983
 984            $capabilities[] = 'pods_delete_' . $pod[ 'name' ];
 985
 986            if ( isset( $pod[ 'fields' ][ 'author' ] ) && 'pick' == $pod[ 'fields' ][ 'author' ][ 'type' ] && 'user' == $pod[ 'fields' ][ 'author' ][ 'pick_object' ] )
 987                $capabilities[] = 'pods_delete_others_' . $pod[ 'name' ];
 988
 989            if ( 1 == pods_var( 'ui_export', $pod[ 'options' ], 0 ) )
 990                $capabilities[] = 'pods_export_' . $pod[ 'name' ];
 991        }
 992
 993        return $capabilities;
 994    }
 995
 996    /**
 997     * Handle ajax calls for the administration
 998     */
 999    public function admin_ajax () {
1000        if ( false === headers_sent() ) {
1001            if ( '' == session_id() )
1002                @session_start();
1003
1004            header( 'Content-Type: text/html; charset=' . get_bloginfo( 'charset' ) );
1005        }
1006
1007        // Sanitize input
1008        $params = stripslashes_deep( (array) $_POST );
1009
1010        foreach ( $params as $key => $value ) {
1011            if ( 'action' == $key )
1012                continue;
1013
1014            unset( $params[ $key ] );
1015
1016            $params[ str_replace( '_podsfix_', '', $key ) ] = $value;
1017        }
1018
1019        $params = (object) $params;
1020
1021        $methods = array(
1022            'add_pod' => array( 'priv' => true ),
1023            'save_pod' => array( 'priv' => true ),
1024            'load_sister_fields' => array( 'priv' => true ),
1025            'process_form' => array( 'custom_nonce' => true ), // priv handled through nonce
1026            'upgrade' => array( 'priv' => true )
1027        );
1028
1029        $methods = apply_filters( 'pods_admin_ajax_methods', $methods, $this );
1030
1031        if ( !isset( $params->method ) || !isset( $methods[ $params->method ] ) )
1032            pods_error( 'Invalid AJAX request', $this );
1033
1034        $defaults = array(
1035            'priv' => null,
1036            'name' => $params->method,
1037            'custom_nonce' => null
1038        );
1039
1040        $method = (object) array_merge( $defaults, (array) $methods[ $params->method ] );
1041
1042        if ( true !== $method->custom_nonce && ( !isset( $params->_wpnonce ) || false === wp_verify_nonce( $params->_wpnonce, 'pods-' . $params->method ) ) )
1043            pods_error( __( 'Unauthorized request', 'pods' ), $this );
1044
1045        // Cleaning up $params
1046        unset( $params->action );
1047        unset( $params->method );
1048
1049        if ( true !== $method->custom_nonce )
1050            unset( $params->_wpnonce );
1051
1052        // Check permissions (convert to array to support multiple)
1053        if ( !empty( $method->priv ) && !is_super_admin() && !current_user_can( 'delete_users' ) && !current_user_can( 'pods' ) ) {
1054            if ( true !== $method->priv ) {
1055                foreach ( (array) $method->priv as $priv_val ) {
1056                    if ( !current_user_can( $priv_val ) )
1057                        pods_error( __( 'Access denied', 'pods' ), $this );
1058                }
1059            }
1060        }
1061
1062        $params->method = $method->name;
1063
1064        $params = apply_filters( 'pods_api_' . $method->name, $params, $method );
1065
1066        if ( 'upgrade' == $method->name )
1067            $output = (string) pods_upgrade( $params->version )->ajax( $params );
1068        else {
1069            if ( !method_exists( $this->api, $method->name ) )
1070                pods_error( 'API method does not exist', $this );
1071            elseif ( 'save_pod' == $method->name ) {
1072                if ( isset( $params->field_data_json ) && is_array( $params->field_data_json ) ) {
1073                    $params->fields = $params->field_data_json;
1074
1075                    unset( $params->field_data_json );
1076
1077                    foreach ( $params->fields as $k => $v ) {
1078                        if ( empty( $v ) )
1079                            unset( $params->fields[ $k ] );
1080                        elseif ( !is_array( $v ) )
1081                            $params->fields[ $k ] = (array) @json_decode( $v, true );
1082                    }
1083                }
1084            }
1085
1086            // Dynamically call the API method
1087            $params = (array) $params;
1088
1089            $output = call_user_func( array( $this->api, $method->name ), $params );
1090        }
1091
1092        // Output in json format
1093        if ( false !== $output ) {
1094            if ( is_array( $output ) || is_object( $output ) )
1095                echo json_encode( $output );
1096            else
1097                echo $output;
1098        }
1099        else
1100            pods_error( 'There was a problem with your request.' );
1101
1102        die(); // KBAI!
1103    }
1104
1105    /**
1106     * Handle ajax upload
1107     */
1108    public function admin_ajax_upload () {
1109        if ( false === headers_sent() ) {
1110            if ( '' == session_id() )
1111                @session_start();
1112
1113            header( 'Content-Type: text/html; charset=' . get_bloginfo( 'charset' ) );
1114        }
1115
1116        // Sanitize input
1117        $params = stripslashes_deep( (array) $_POST );
1118
1119        foreach ( $params as $key => $value ) {
1120            if ( 'action' == $key )
1121                continue;
1122
1123            unset( $params[ $key ] );
1124
1125            $params[ str_replace( '_podsfix_', '', $key ) ] = $value;
1126        }
1127
1128        $params = (object) $params;
1129
1130        $methods = array(
1131            'upload',
1132        );
1133
1134        if ( !isset( $params->method ) || !in_array( $params->method, $methods ) || !isset( $params->pod ) || !isset( $params->field ) || !isset( $params->uri ) || empty( $params->uri ) )
1135            pods_error( 'Invalid AJAX request', $this );
1136        elseif ( !empty( $params->pod ) && empty( $params->field ) )
1137            pods_error( 'Invalid AJAX request', $this );
1138        elseif ( empty( $params->pod ) && !current_user_can( 'upload_files' ) )
1139            pods_error( 'Invalid AJAX request', $this );
1140
1141        // Flash often fails to send cookies with the POST or upload, so we need to pass it in GET or POST instead
1142        if ( is_ssl() && empty( $_COOKIE[ SECURE_AUTH_COOKIE ] ) && !empty( $_REQUEST[ 'auth_cookie' ] ) )
1143            $_COOKIE[ SECURE_AUTH_COOKIE ] = $_REQUEST[ 'auth_cookie' ];
1144        elseif ( empty( $_COOKIE[ AUTH_COOKIE ] ) && !empty( $_REQUEST[ 'auth_cookie' ] ) )
1145            $_COOKIE[ AUTH_COOKIE ] = $_REQUEST[ 'auth_cookie' ];
1146
1147        if ( empty( $_COOKIE[ LOGGED_IN_COOKIE ] ) && !empty( $_REQUEST[ 'logged_in_cookie' ] ) )
1148            $_COOKIE[ LOGGED_IN_COOKIE ] = $_REQUEST[ 'logged_in_cookie' ];
1149
1150        global $current_user;
1151        unset( $current_user );
1152
1153        /**
1154         * Access Checking
1155         */
1156        $upload_disabled = false;
1157
1158        if ( defined( 'PODS_DISABLE_FILE_UPLOAD' ) && true === PODS_DISABLE_FILE_UPLOAD )
1159            $upload_disabled = true;
1160        elseif ( defined( 'PODS_UPLOAD_REQUIRE_LOGIN' ) && is_bool( PODS_UPLOAD_REQUIRE_LOGIN ) && true === PODS_UPLOAD_REQUIRE_LOGIN && !is_user_logged_in() )
1161            $upload_disabled = true;
1162        elseif ( defined( 'PODS_UPLOAD_REQUIRE_LOGIN' ) && !is_bool( PODS_UPLOAD_REQUIRE_LOGIN ) && ( !is_user_logged_in() || !current_user_can( PODS_UPLOAD_REQUIRE_LOGIN ) ) )
1163            $upload_disabled = true;
1164
1165        $uid = @session_id();
1166
1167        if ( is_user_logged_in() )
1168            $uid = 'user_' . get_current_user_id();
1169
1170        $nonce_check = 'pods_upload_' . (int) $params->pod . '_' . $uid . '_' . $params->uri . '_' . (int) $params->field;
1171
1172        if ( true === $upload_disabled || !isset( $params->_wpnonce ) || false === wp_verify_nonce( $params->_wpnonce, $nonce_check ) )
1173            pods_error( __( 'Unauthorized request', 'pods' ), $this );
1174
1175        $pod = array();
1176        $field = array(
1177            'type' => 'file',
1178            'options' => array()
1179        );
1180
1181        if ( !empty( $params->pod ) ) {
1182            $pod = $this->api->load_pod( array( 'id' => (int) $params->pod ) );
1183            $field = $this->api->load_field( array( 'id' => (int) $params->field ) );
1184
1185            if ( empty( $pod ) || empty( $field ) || $pod[ 'id' ] != $field[ 'pod_id' ] || !isset( $pod[ 'fields' ][ $field[ 'name' ] ] ) )
1186                pods_error( __( 'Invalid field request', 'pods' ), $this );
1187
1188            if ( !in_array( $field[ 'type' ], apply_filters( 'pods_file_field_types', array( 'file', 'avatar' ) ) ) )
1189                pods_error( __( 'Invalid field', 'pods' ), $this );
1190        }
1191
1192        $method = $params->method;
1193
1194        // Cleaning up $params
1195        unset( $params->action );
1196        unset( $params->method );
1197        unset( $params->_wpnonce );
1198
1199        $params->post_id = pods_var( 'post_id', $params, 0, null, true );
1200
1201        /**
1202         * Upload a new file (advanced - returns URL and ID)
1203         */
1204        if ( 'upload' == $method ) {
1205            $file = $_FILES[ 'Filedata' ];
1206
1207            $limit_size = pods_var( $field[ 'type' ] . '_restrict_filesize', $field[ 'options' ] );
1208
1209            if ( !empty( $limit_size ) ) {
1210                if ( false !== stripos( $limit_size, 'MB' ) ) {
1211                    $limit_size = (float) trim( str_ireplace( 'MB', '', $limit_size ) );
1212                    $limit_size = $limit_size * 1025 * 1025; // convert to KB to B
1213                }
1214                elseif ( false !== stripos( $limit_size, 'KB' ) ) {
1215                    $limit_size = (float) trim( str_ireplace( 'KB', '', $limit_size ) );
1216                    $limit_size = $limit_size * 1025 * 1025; // convert to B
1217                }
1218                elseif ( false !== stripos( $limit_size, 'GB' ) ) {
1219                    $limit_size = (float) trim( str_ireplace( 'GB', '', $limit_size ) );
1220                    $limit_size = $limit_size * 1025 * 1025 * 1025; // convert to MB to KB to B
1221                }
1222                elseif ( false !== stripos( $limit_size, 'B' ) )
1223                    $limit_size = (float) trim( str_ireplace( 'B', '', $limit_size ) );
1224                else
1225                    $limit_size = wp_max_upload_size();
1226
1227                if ( 0 < $limit_size && $limit_size < $file[ 'size' ] ) {
1228                    $error = __( 'File size too large, max size is %s', 'pods' );
1229                    $error = sprintf( $error, pods_var( $field[ 'type' ] . '_restrict_filesize', $field[ 'options' ] ) );
1230
1231                    pods_error( '<div style="color:#FF0000">Error: ' . $error . '</div>' );
1232                }
1233            }
1234
1235            $limit_file_type = pods_var( $field[ 'type' ] . '_type', $field[ 'options' ], 'images' );
1236
1237            if ( 'images' == $limit_file_type )
1238                $limit_types = 

Large files files are truncated, but you can click here to view the full file