Advanced Access Manager - Version 5.3.4

Version Description

  • Fixed incompatibility issue with plugins that use "plugins_loaded" hook for post manipulations
  • Fixed the bug with AAM_Api_Rest_Resource_User
  • Fixed issues with ConfigPress settings compatibility between versions
  • Fixed the issues with infinite loop when access denied redirect is not configured correctly
  • Fixed issue with post filtering that disregards Backend/Frotent/API Access Control settings
  • Fixed bug with login widget labels
  • Added more information about parent terms & posts to the Post & Terms list
  • Added additional widget that lists of AAM licenses on the Extensions tab
  • Added fallback secret key for jwt token generator
  • Added ability to filter out widgets from the Appearance->Widgets screen
Download this release

Release Info

Developer vasyl_m
Plugin Icon 128x128 Advanced Access Manager
Version 5.3.4
Comparing to
See all releases

Code changes from version 5.3.3 to 5.3.4

Application/Api/Rest/Resource/User.php CHANGED
@@ -13,7 +13,7 @@
13
  * @package AAM
14
  * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Restful_Resource_User {
17
 
18
  /**
19
  * Instance of itself
13
  * @package AAM
14
  * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
+ class AAM_Api_Rest_Resource_User {
17
 
18
  /**
19
  * Instance of itself
Application/Backend/Feature.php CHANGED
@@ -94,7 +94,7 @@ class AAM_Backend_Feature {
94
  */
95
  public static function initView(stdClass $feature){
96
  if (is_string($feature->view)){
97
- $feature->view = new $feature->view;
98
  }
99
 
100
  return $feature;
94
  */
95
  public static function initView(stdClass $feature){
96
  if (is_string($feature->view)){
97
+ $feature->view = new $feature->view(AAM_Backend_Subject::getInstance());
98
  }
99
 
100
  return $feature;
Application/Backend/Feature/Main/Metabox.php CHANGED
@@ -41,9 +41,7 @@ class AAM_Backend_Feature_Main_Metabox extends AAM_Backend_Feature_Abstract {
41
  $url = add_query_arg('init', 'metabox', admin_url('index.php'));
42
  } else {
43
  $url = add_query_arg(
44
- 'init',
45
- 'metabox',
46
- admin_url('post-new.php?post_type=' . $type)
47
  );
48
  }
49
 
@@ -95,7 +93,7 @@ class AAM_Backend_Feature_Main_Metabox extends AAM_Backend_Feature_Abstract {
95
  */
96
  public function initialize($post_type) {
97
  $cache = $this->getMetaboxList();
98
-
99
  if ($post_type === 'dashboard') {
100
  $this->collectWidgets($cache);
101
  } else {
@@ -129,13 +127,13 @@ class AAM_Backend_Feature_Main_Metabox extends AAM_Backend_Feature_Abstract {
129
  } elseif (is_string($data['callback'][0])) {
130
  $callback = $data['callback'][0];
131
  } else {
132
- $callback = null;
133
  }
134
 
135
  if (!is_null($callback)) { //exclude any junk
136
  $cache['widgets'][$callback] = array(
137
  'title' => strip_tags($data['name']),
138
- 'id' => $callback
139
  );
140
  }
141
  }
@@ -144,7 +142,7 @@ class AAM_Backend_Feature_Main_Metabox extends AAM_Backend_Feature_Abstract {
144
  //now collect Admin Dashboard Widgets
145
  $this->collectMetaboxes('dashboard', $cache);
146
  }
147
-
148
  /**
149
  * Collect metaboxes
150
  *
@@ -171,7 +169,7 @@ class AAM_Backend_Feature_Main_Metabox extends AAM_Backend_Feature_Abstract {
171
  foreach ($boxes as $data) {
172
  if (trim($data['id'])) { //exclude any junk
173
  $cache[$post_type][$data['id']] = array(
174
- 'id' => $data['id'],
175
  'title' => strip_tags($data['title'])
176
  );
177
  }
41
  $url = add_query_arg('init', 'metabox', admin_url('index.php'));
42
  } else {
43
  $url = add_query_arg(
44
+ 'init', 'metabox', admin_url('post-new.php?post_type=' . $type)
 
 
45
  );
46
  }
47
 
93
  */
94
  public function initialize($post_type) {
95
  $cache = $this->getMetaboxList();
96
+
97
  if ($post_type === 'dashboard') {
98
  $this->collectWidgets($cache);
99
  } else {
127
  } elseif (is_string($data['callback'][0])) {
128
  $callback = $data['callback'][0];
129
  } else {
130
+ $callback = isset($data['classname']) ? $data['classname'] : null;
131
  }
132
 
133
  if (!is_null($callback)) { //exclude any junk
134
  $cache['widgets'][$callback] = array(
135
  'title' => strip_tags($data['name']),
136
+ 'id' => $callback
137
  );
138
  }
139
  }
142
  //now collect Admin Dashboard Widgets
143
  $this->collectMetaboxes('dashboard', $cache);
144
  }
145
+
146
  /**
147
  * Collect metaboxes
148
  *
169
  foreach ($boxes as $data) {
170
  if (trim($data['id'])) { //exclude any junk
171
  $cache[$post_type][$data['id']] = array(
172
+ 'id' => $data['id'],
173
  'title' => strip_tags($data['title'])
174
  );
175
  }
Application/Backend/Feature/Main/Post.php CHANGED
@@ -51,7 +51,12 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
51
 
52
  foreach ($list->records as $type) {
53
  $response['data'][] = array(
54
- $type->name, null, 'type', $type->labels->name, 'drilldown,manage'
 
 
 
 
 
55
  );
56
  }
57
 
@@ -108,12 +113,31 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
108
  foreach($list->records as $record) {
109
  if (isset($record->ID)) { //this is post
110
  $link = get_edit_post_link($record->ID, 'link');
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
111
  $response['data'][] = array(
112
  $record->ID,
113
  $link,
114
  'post',
115
  get_the_title($record),
116
- 'manage' . ($link ? ',edit' : ''),
 
117
  //get_post_permalink($record)
118
  );
119
  } else { //term
@@ -123,10 +147,19 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
123
  'term',
124
  $record->name,
125
  'manage,edit',
 
 
 
 
 
 
 
 
 
 
126
  );
127
  }
128
- }
129
-
130
 
131
  return $response;
132
  }
51
 
52
  foreach ($list->records as $type) {
53
  $response['data'][] = array(
54
+ $type->name,
55
+ null,
56
+ 'type',
57
+ $type->labels->name,
58
+ 'drilldown,manage',
59
+ null
60
  );
61
  }
62
 
113
  foreach($list->records as $record) {
114
  if (isset($record->ID)) { //this is post
115
  $link = get_edit_post_link($record->ID, 'link');
116
+
117
+ $parent = '';
118
+
119
+ if (!empty($record->post_parent)) {
120
+ $p = get_post($record->post_parent);
121
+ $parent = (is_a($p, 'WP_Post') ? $p->post_title : '');
122
+ }
123
+
124
+ if (empty($parent)) {
125
+ $taxonomies = array_filter(
126
+ get_object_taxonomies($record), 'is_taxonomy_hierarchical'
127
+ );
128
+ if (!empty($taxonomies)) {
129
+ $terms = wp_get_object_terms($record->ID, $taxonomies, array('fields' => 'names'));
130
+ $parent = implode(', ', $terms);
131
+ }
132
+ }
133
+
134
  $response['data'][] = array(
135
  $record->ID,
136
  $link,
137
  'post',
138
  get_the_title($record),
139
+ 'manage' . ($link ? ',edit' : ''),
140
+ $parent
141
  //get_post_permalink($record)
142
  );
143
  } else { //term
147
  'term',
148
  $record->name,
149
  'manage,edit',
150
+ rtrim(get_term_parents_list(
151
+ $record->term_id,
152
+ $record->taxonomy,
153
+ array(
154
+ 'link' => false,
155
+ 'format' => 'name',
156
+ 'separator' => ' &raquo; ',
157
+ 'inclusive' => false
158
+ )
159
+ ), ' &raquo; ')
160
  );
161
  }
162
+ }
 
163
 
164
  return $response;
165
  }
Application/Backend/Feature/Settings/Manager.php CHANGED
@@ -31,4 +31,19 @@ class AAM_Backend_Feature_Settings_Manager extends AAM_Backend_Feature_Abstract
31
  return json_encode(array('status' => 'success'));
32
  }
33
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
34
  }
31
  return json_encode(array('status' => 'success'));
32
  }
33
 
34
+ /**
35
+ * Delete AAM utility options
36
+ *
37
+ * @return string
38
+ *
39
+ * @access public
40
+ */
41
+ public function delete() {
42
+ $param = AAM_Core_Request::post('param');
43
+
44
+ AAM_Core_Config::delete($param);
45
+
46
+ return json_encode(array('status' => 'success'));
47
+ }
48
+
49
  }
Application/Backend/Filter.php CHANGED
@@ -37,6 +37,7 @@ class AAM_Backend_Filter {
37
 
38
  //manager WordPress metaboxes
39
  add_action("in_admin_header", array($this, 'metaboxes'), 999);
 
40
 
41
  //control admin area
42
  add_action('admin_notices', array($this, 'adminNotices'), -1);
@@ -51,6 +52,7 @@ class AAM_Backend_Filter {
51
  add_filter('post_row_actions', array($this, 'postRowActions'), 10, 2);
52
 
53
  //default category filder
 
54
  add_filter('pre_option_default_category', array($this, 'filterDefaultCategory'));
55
 
56
  add_action('pre_post_update', array($this, 'prePostUpdate'), 10, 2);
@@ -64,14 +66,12 @@ class AAM_Backend_Filter {
64
 
65
  // Check if user has ability to perform certain task based on provided
66
  // capability and meta data
67
- if (AAM_Core_Config::get('core.settings.backendAccessControl', true)) {
68
- add_filter(
69
- 'user_has_cap',
70
- array(AAM_Shared_Manager::getInstance(), 'userHasCap'),
71
- 999,
72
- 3
73
- );
74
- }
75
 
76
  AAM_Backend_Authorization::bootstrap(); //bootstrap backend authorization
77
  }
@@ -110,9 +110,13 @@ class AAM_Backend_Filter {
110
  } else {
111
  $screen = '';
112
  }
113
-
114
  if (AAM_Core_Request::get('init') != 'metabox') {
115
- AAM::getUser()->getObject('metabox')->filterBackend($screen);
 
 
 
 
116
  }
117
  }
118
 
37
 
38
  //manager WordPress metaboxes
39
  add_action("in_admin_header", array($this, 'metaboxes'), 999);
40
+ add_action("widgets_admin_page", array($this, 'metaboxes'), 999);
41
 
42
  //control admin area
43
  add_action('admin_notices', array($this, 'adminNotices'), -1);
52
  add_filter('post_row_actions', array($this, 'postRowActions'), 10, 2);
53
 
54
  //default category filder
55
+ // TODO - THIS HAS TO GO TO THE PLUS PACKAGE EXTENSION
56
  add_filter('pre_option_default_category', array($this, 'filterDefaultCategory'));
57
 
58
  add_action('pre_post_update', array($this, 'prePostUpdate'), 10, 2);
66
 
67
  // Check if user has ability to perform certain task based on provided
68
  // capability and meta data
69
+ add_filter(
70
+ 'user_has_cap',
71
+ array(AAM_Shared_Manager::getInstance(), 'userHasCap'),
72
+ 999,
73
+ 3
74
+ );
 
 
75
 
76
  AAM_Backend_Authorization::bootstrap(); //bootstrap backend authorization
77
  }
110
  } else {
111
  $screen = '';
112
  }
113
+
114
  if (AAM_Core_Request::get('init') != 'metabox') {
115
+ if ($screen != 'widgets') {
116
+ AAM::getUser()->getObject('metabox')->filterBackend($screen);
117
+ } else {
118
+ AAM::getUser()->getObject('metabox')->filterAppearanceWidgets();
119
+ }
120
  }
121
  }
122
 
Application/Backend/Manager.php CHANGED
@@ -125,49 +125,6 @@ class AAM_Backend_Manager {
125
  'AAM requires PHP version 5.3.0 or higher to function properly'
126
  );
127
  }
128
-
129
- // TODO: Remove Jun 2019
130
- $htpasswd = AAM_Core_Config::get('htpasswd');
131
- if (!empty($htpasswd)) {
132
- AAM_Core_Console::add(
133
- 'On ConfigPress tab, change all options that start with [htpasswd...] to [feature.metabox.htpasswd...]', 'b', 'b'
134
- );
135
- }
136
-
137
- $export = AAM_Core_Config::get('export', null);
138
- if (!empty($export)) {
139
- AAM_Core_Console::add(
140
- 'On ConfigPress tab, change all options that start with [export...] to [feature.export...]', 'b', 'b'
141
- );
142
- }
143
-
144
- $defcat = AAM_Core_Config::get('default.category', null);
145
- if (!empty($defcat)) {
146
- AAM_Core_Console::add(
147
- 'On ConfigPress tab, change [default.category] option to [feature.post.defaultTerm]', 'b', 'b'
148
- );
149
- }
150
-
151
- $dir = AAM_Core_Config::get('extention.directory', null);
152
- if (!empty($dir)) {
153
- AAM_Core_Console::add(
154
- 'On ConfigPress tab, change all options that start with [extention...] to [core.extention...]', 'b', 'b'
155
- );
156
- }
157
-
158
- $tmpl = AAM_Core_Config::get('login.shortcode', null);
159
- if (!empty($tmpl)) {
160
- AAM_Core_Console::add(
161
- 'On ConfigPress tab, change all options that start with [login.shortcode....] option to [feature.secureLogin.shortcode...]', 'b', 'b'
162
- );
163
- }
164
-
165
- $login = AAM_Core_Config::get('login.widget', null);
166
- if (!empty($login)) {
167
- AAM_Core_Console::add(
168
- 'On ConfigPress tab, change all options that start with [login.widget...] to [feature.secureLogin.widget...]', 'b', 'b'
169
- );
170
- }
171
  }
172
 
173
  /**
125
  'AAM requires PHP version 5.3.0 or higher to function properly'
126
  );
127
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
128
  }
129
 
130
  /**
Application/Backend/phtml/index.phtml CHANGED
@@ -80,6 +80,65 @@
80
  </div>
81
  </div>
82
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
83
  <div class="metabox-holder extensions-metabox" style="display:none;">
84
  <div class="postbox">
85
  <div class="inside">
80
  </div>
81
  </div>
82
 
83
+ <?php $licenses = AAM_Extension_Repository::getInstance()->getCommercialLicenses(); ?>
84
+ <?php if (count($licenses)) { ?>
85
+ <div class="metabox-holder extensions-metabox" style="display:none;">
86
+ <div class="postbox">
87
+ <h3 class="hndle">
88
+ <span><?php echo __('Premium Licenses', AAM_KEY); ?></span>
89
+ </h3>
90
+ <div class="inside">
91
+ <div class="aam-postbox-inside">
92
+ <table class="table table-striped table-bordered">
93
+ <tbody>
94
+ <?php foreach($licenses as $license) { ?>
95
+ <tr>
96
+ <td width="70%">
97
+ <b><?php echo $license['extension']; ?></b><br/>
98
+ <small>License: <?php echo $license['license']; ?></small>
99
+ <?php if (!empty($license['expires'])) { ?>
100
+ <br/> <small>Expires: <?php echo $license['expires']; ?></small>
101
+ <?php } ?>
102
+ </td>
103
+ <td>
104
+ <div class="aam-row-actions">
105
+ <a href="#transfer-license-modal" data-toggle="modal" class="aam-row-action"><i class="icon-exchange text-warning" data-toggle="tooltip" title="<?php echo __('Transfer License', AAM_KEY); ?>"></i></a>
106
+ <?php if (!empty($license['expires'])) { ?>
107
+ <a href="https://aamplugin.com/upgrade/<?php echo $license['license']; ?>" data-toggle="tooltip" title="<?php echo __('Upgrade License', AAM_KEY); ?>" class="aam-row-action" target="_blank"><i class="icon-angle-circled-up text-success"></i></a>
108
+ <?php } ?>
109
+ </div>
110
+ </td>
111
+ </tr>
112
+ <?php } ?>
113
+ </tbody>
114
+ </table>
115
+ </div>
116
+ </div>
117
+ </div>
118
+ </div>
119
+
120
+ <div class="modal fade" id="transfer-license-modal" tabindex="-1" role="dialog">
121
+ <div class="modal-dialog modal-sm" role="document">
122
+ <div class="modal-content">
123
+ <div class="modal-header">
124
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
125
+ <h4 class="modal-title"><?php echo __('Transfer license', AAM_KEY); ?></h4>
126
+ </div>
127
+ <div class="modal-body">
128
+ <div class="form-group">
129
+ <p class="aam-info">
130
+ <?php echo AAM_Backend_View_Helper::preparePhrase('In order to transfer the license to a different domain, please contact us via email [support@aamplugin.com] with a reason for a transfer.', 'b'); ?>
131
+ </p>
132
+ </div>
133
+ </div>
134
+ <div class="modal-footer">
135
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
136
+ </div>
137
+ </div>
138
+ </div>
139
+ </div>
140
+ <?php } ?>
141
+
142
  <div class="metabox-holder extensions-metabox" style="display:none;">
143
  <div class="postbox">
144
  <div class="inside">
Application/Backend/phtml/main/metabox.phtml CHANGED
@@ -42,9 +42,9 @@
42
  case 'dashboard':
43
  echo __('Dashboard Widgets', AAM_KEY);
44
  break;
45
-
46
  case 'widgets':
47
- echo __('Frontend Widgets', AAM_KEY);
48
  break;
49
 
50
  default:
42
  case 'dashboard':
43
  echo __('Dashboard Widgets', AAM_KEY);
44
  break;
45
+
46
  case 'widgets':
47
+ echo AAM_Backend_View_Helper::preparePhrase('Frontend Widgets [(including Appearance->Widgets)]', 'small');
48
  break;
49
 
50
  default:
Application/Backend/phtml/main/post.phtml CHANGED
@@ -50,6 +50,7 @@
50
  <th width="5%">&nbsp;</th>
51
  <th width="75%"><?php echo __('Title', AAM_KEY); ?></th>
52
  <th><?php echo __('Actions', AAM_KEY); ?></th>
 
53
  </tr>
54
  </thead>
55
  <tbody></tbody>
50
  <th width="5%">&nbsp;</th>
51
  <th width="75%"><?php echo __('Title', AAM_KEY); ?></th>
52
  <th><?php echo __('Actions', AAM_KEY); ?></th>
53
+ <th>Parent</th>
54
  </tr>
55
  </thead>
56
  <tbody></tbody>
Application/Backend/phtml/widget/login-frontend.phtml CHANGED
@@ -18,13 +18,13 @@
18
 
19
  <div id="<?php echo $this->get_field_id('loginform'); ?>">
20
  <p>
21
- <label for="user_login"><?php __('Username or Email Address', AAM_KEY); ?><br>
22
  <input id="<?php echo $this->get_field_id('log'); ?>" class="input login-input" value="" size="20" type="text" />
23
  </label>
24
  </p>
25
 
26
  <p>
27
- <label for="user_pass"><?php __('Password', AAM_KEY); ?><br>
28
  <input id="<?php echo $this->get_field_id('pwd'); ?>" class="input login-input" value="" size="20" type="password" />
29
  </label>
30
  </p>
18
 
19
  <div id="<?php echo $this->get_field_id('loginform'); ?>">
20
  <p>
21
+ <label for="user_login"><?php echo __('Username or Email Address', AAM_KEY); ?><br>
22
  <input id="<?php echo $this->get_field_id('log'); ?>" class="input login-input" value="" size="20" type="text" />
23
  </label>
24
  </p>
25
 
26
  <p>
27
+ <label for="user_pass"><?php echo __('Password', AAM_KEY); ?><br>
28
  <input id="<?php echo $this->get_field_id('pwd'); ?>" class="input login-input" value="" size="20" type="password" />
29
  </label>
30
  </p>
Application/Core/API.php CHANGED
@@ -294,10 +294,20 @@ final class AAM_Core_API {
294
  "{$area}.access.deny.redirectRule", __('Access Denied', AAM_KEY)
295
  );
296
  }
297
-
298
- do_action('aam-access-rejected-action', $area, $args);
299
-
300
- self::redirect($redirect, $args);
 
 
 
 
 
 
 
 
 
 
301
  } else {
302
  wp_die(-1);
303
  }
294
  "{$area}.access.deny.redirectRule", __('Access Denied', AAM_KEY)
295
  );
296
  }
297
+
298
+ $doRedirect = true;
299
+
300
+ if ($type == 'page') {
301
+ $page = self::getCurrentPost();
302
+ $doRedirect = (empty($page) || ($page->ID != $redirect));
303
+ } elseif ($type == 'url') {
304
+ $doRedirect = strpos($redirect, $_SERVER['REQUEST_URI']) === false;
305
+ }
306
+
307
+ if ($doRedirect) {
308
+ do_action('aam-access-rejected-action', $area, $args);
309
+ self::redirect($redirect, $args);
310
+ }
311
  } else {
312
  wp_die(-1);
313
  }
Application/Core/Compatibility.php CHANGED
@@ -16,6 +16,25 @@
16
  */
17
  class AAM_Core_Compatibility {
18
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
19
  /**
20
  * Convert all-style AAM settings to standard ConfigPress style settings
21
  *
16
  */
17
  class AAM_Core_Compatibility {
18
 
19
+ /**
20
+ *
21
+ */
22
+ public static function checkConfigPressCompatibility($key) {
23
+ if (strpos($key, 'htpasswd') === 0) {
24
+ $key = str_replace('htpasswd', 'feature.metabox.htpasswd', $key);
25
+ } elseif (strpos($key, 'export') === 0) {
26
+ $key = str_replace('export', 'feature.export', $key);
27
+ } elseif (strpos($key, 'default.category') === 0) {
28
+ $key = str_replace('default.category', 'feature.post.defaultTerm', $key);
29
+ } elseif (strpos($key, 'extention') === 0) {
30
+ $key = str_replace('extention', 'core.extention', $key);
31
+ } elseif (strpos($key, 'login') === 0) {
32
+ $key = str_replace('login', 'feature.secureLogin', $key);
33
+ }
34
+
35
+ return $key;
36
+ }
37
+
38
  /**
39
  * Convert all-style AAM settings to standard ConfigPress style settings
40
  *
Application/Core/Config.php CHANGED
@@ -40,6 +40,12 @@ class AAM_Core_Config {
40
  * @access public
41
  */
42
  public static function bootstrap() {
 
 
 
 
 
 
43
  if (is_multisite()) {
44
  self::$config = AAM_Core_Compatibility::normalizeConfigOptions(
45
  AAM_Core_API::getOption(self::OPTION, array(), 'site')
40
  * @access public
41
  */
42
  public static function bootstrap() {
43
+ // TODO: Remove in July 2019
44
+ add_filter(
45
+ 'aam-configpress-compatibility-filter',
46
+ 'AAM_Core_Compatibility::checkConfigPressCompatibility'
47
+ );
48
+
49
  if (is_multisite()) {
50
  self::$config = AAM_Core_Compatibility::normalizeConfigOptions(
51
  AAM_Core_API::getOption(self::OPTION, array(), 'site')
Application/Core/ConfigPress/Reader.php CHANGED
@@ -126,7 +126,8 @@ class AAM_Core_ConfigPress_Reader {
126
  protected function buildNestedSection($data, &$config) {
127
  foreach ($data as $key => $value) {
128
  $root = &$config;
129
- foreach (explode(self::SEPARATOR, $key) as $level) {
 
130
  if (!isset($root[$level])) {
131
  $root[$level] = array();
132
  }
126
  protected function buildNestedSection($data, &$config) {
127
  foreach ($data as $key => $value) {
128
  $root = &$config;
129
+ // TODO - Remove July 2019
130
+ foreach (explode(self::SEPARATOR, apply_filters('aam-configpress-compatibility-filter', $key)) as $level) {
131
  if (!isset($root[$level])) {
132
  $root[$level] = array();
133
  }
Application/Core/Gateway.php CHANGED
@@ -63,7 +63,7 @@ final class AAM_Core_Gateway implements AAM_Core_Contract_Api {
63
  /**
64
  * Metabox & Widget object slug
65
  */
66
- const OBJECT_METABOX_WIDGET = 'metabox';
67
 
68
  /**
69
  * Post object slug
@@ -149,14 +149,14 @@ final class AAM_Core_Gateway implements AAM_Core_Contract_Api {
149
  /**
150
  * Get role
151
  *
152
- * @param string $id
153
  *
154
  * @return AAM_Core_Subject_Role
155
  *
156
  * @access public
157
  */
158
- public function getRoleSubject($id) {
159
- return new AAM_Core_Subject_Role($id);
160
  }
161
 
162
  /**
@@ -229,6 +229,17 @@ final class AAM_Core_Gateway implements AAM_Core_Contract_Api {
229
  call_user_func_array('AAM_Core_Console::add', func_get_args());
230
  }
231
 
 
 
 
 
 
 
 
 
 
 
 
232
  /**
233
  * Get instance of the API gateway
234
  *
63
  /**
64
  * Metabox & Widget object slug
65
  */
66
+ const OBJECT_METABOX = 'metabox';
67
 
68
  /**
69
  * Post object slug
149
  /**
150
  * Get role
151
  *
152
+ * @param string $slug
153
  *
154
  * @return AAM_Core_Subject_Role
155
  *
156
  * @access public
157
  */
158
+ public function getRoleSubject($slug) {
159
+ return new AAM_Core_Subject_Role($slug);
160
  }
161
 
162
  /**
229
  call_user_func_array('AAM_Core_Console::add', func_get_args());
230
  }
231
 
232
+ /**
233
+ * Deny access for current HTTP request
234
+ *
235
+ * @return void
236
+ *
237
+ * @access public
238
+ */
239
+ public function denyAccess() {
240
+ AAM_Core_API::reject();
241
+ }
242
+
243
  /**
244
  * Get instance of the API gateway
245
  *
Application/Core/JwtAuth.php CHANGED
@@ -38,26 +38,6 @@ class AAM_Core_JwtAuth {
38
 
39
  //register authentication hook
40
  add_filter('determine_current_user', array($this, 'determineCurrentUser'), 999);
41
-
42
- //load firebase vendor
43
- require AAM_BASEDIR . '/vendor/autoload.php';
44
-
45
- if (is_admin()) {
46
- $this->checkRequirements();
47
- }
48
- }
49
-
50
- /**
51
- * Check JWT requirements
52
- */
53
- protected function checkRequirements() {
54
- $secret = AAM_Core_Config::get('authentication.jwt.secret');
55
-
56
- if (empty($secret)) {
57
- AAM_Core_Console::add(
58
- __('JWT Authentication is enabled but authentication.jwt.secret is not defined', AAM_KEY)
59
- );
60
- }
61
  }
62
 
63
  /**
@@ -106,7 +86,7 @@ class AAM_Core_JwtAuth {
106
  $response = new WP_REST_Response();
107
 
108
  if ($result['status'] == 'success') { // generate token
109
- $key = AAM_Core_Config::get('authentication.jwt.secret');
110
  $expire = AAM_Core_Config::get('authentication.jwt.expires', 86400);
111
 
112
  if ($key) {
@@ -152,7 +132,7 @@ class AAM_Core_JwtAuth {
152
  }
153
 
154
  $token = apply_filters('aam-jwt-authentication-header-filter', $token);
155
- $key = AAM_Core_Config::get('authentication.jwt.secret');
156
 
157
  if ($token) {
158
  try {
38
 
39
  //register authentication hook
40
  add_filter('determine_current_user', array($this, 'determineCurrentUser'), 999);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
41
  }
42
 
43
  /**
86
  $response = new WP_REST_Response();
87
 
88
  if ($result['status'] == 'success') { // generate token
89
+ $key = AAM_Core_Config::get('authentication.jwt.secret', SECURE_AUTH_KEY);
90
  $expire = AAM_Core_Config::get('authentication.jwt.expires', 86400);
91
 
92
  if ($key) {
132
  }
133
 
134
  $token = apply_filters('aam-jwt-authentication-header-filter', $token);
135
+ $key = AAM_Core_Config::get('authentication.jwt.secret', SECURE_AUTH_KEY);
136
 
137
  if ($token) {
138
  try {
Application/Core/Object.php CHANGED
@@ -177,7 +177,7 @@ abstract class AAM_Core_Object implements AAM_Core_Contract_Object {
177
  *
178
  * @access public
179
  */
180
- public function isOverwritten () {
181
  return $this->_overwritten;
182
  }
183
 
177
  *
178
  * @access public
179
  */
180
+ public function isOverwritten() {
181
  return $this->_overwritten;
182
  }
183
 
Application/Core/Object/Metabox.php CHANGED
@@ -73,7 +73,7 @@ class AAM_Core_Object_Metabox extends AAM_Core_Object {
73
  } elseif (is_string($widget['callback'][0])) {
74
  $callback = $widget['callback'][0];
75
  } else {
76
- $callback = null;
77
  }
78
 
79
  return $callback;
@@ -85,7 +85,7 @@ class AAM_Core_Object_Metabox extends AAM_Core_Object {
85
  * @param type $screen
86
  */
87
  public function filterBackend($screen) {
88
- global $wp_meta_boxes;
89
 
90
  if (is_array($wp_meta_boxes)) {
91
  foreach ($wp_meta_boxes as $screen_id => $zones) {
@@ -95,6 +95,22 @@ class AAM_Core_Object_Metabox extends AAM_Core_Object {
95
  }
96
  }
97
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
98
 
99
  /**
100
  *
73
  } elseif (is_string($widget['callback'][0])) {
74
  $callback = $widget['callback'][0];
75
  } else {
76
+ $callback = isset($widget['classname']) ? $widget['classname'] : null;
77
  }
78
 
79
  return $callback;
85
  * @param type $screen
86
  */
87
  public function filterBackend($screen) {
88
+ global $wp_meta_boxes, $wp_registered_widgets;
89
 
90
  if (is_array($wp_meta_boxes)) {
91
  foreach ($wp_meta_boxes as $screen_id => $zones) {
95
  }
96
  }
97
  }
98
+
99
+ /**
100
+ *
101
+ * @global type $wp_registered_widgets
102
+ */
103
+ public function filterAppearanceWidgets() {
104
+ global $wp_registered_widgets;
105
+
106
+ foreach($wp_registered_widgets as $id => $widget) {
107
+ $callback = $this->getWidgetCallback($widget);
108
+ if ($this->has('widgets', $callback)) {
109
+ unregister_widget($callback);
110
+ unset($wp_registered_widgets[$id]);
111
+ }
112
+ }
113
+ }
114
 
115
  /**
116
  *
Application/Core/Server.php CHANGED
@@ -52,11 +52,14 @@ final class AAM_Core_Server {
52
  * @access public
53
  */
54
  public static function check() {
 
 
55
  //prepare check params
56
  $params = array(
57
- 'domain' => parse_url(site_url(), PHP_URL_HOST),
58
- 'version' => AAM_Core_API::version(),
59
- 'uid' => AAM_Core_API::getOption('aam-uid', null, 'site')
 
60
  );
61
 
62
  $response = self::send('/check', $params);
@@ -117,9 +120,9 @@ final class AAM_Core_Server {
117
  */
118
  protected static function send($request, $params, $timeout = 10) {
119
  $response = self::parseResponse(
120
- AAM_Core_API::cURL(
121
- self::SERVER_URL . $request, false, $params, $timeout
122
- )
123
  );
124
 
125
  return $response;
52
  * @access public
53
  */
54
  public static function check() {
55
+ $repository = AAM_Extension_Repository::getInstance();
56
+
57
  //prepare check params
58
  $params = array(
59
+ 'domain' => parse_url(site_url(), PHP_URL_HOST),
60
+ 'version' => AAM_Core_API::version(),
61
+ 'uid' => AAM_Core_API::getOption('aam-uid', null, 'site'),
62
+ 'licenses' => $repository->getCommercialLicenses(false)
63
  );
64
 
65
  $response = self::send('/check', $params);
120
  */
121
  protected static function send($request, $params, $timeout = 10) {
122
  $response = self::parseResponse(
123
+ AAM_Core_API::cURL(
124
+ self::SERVER_URL . $request, false, $params, $timeout
125
+ )
126
  );
127
 
128
  return $response;
Application/Core/Subject.php CHANGED
@@ -196,11 +196,11 @@ abstract class AAM_Core_Subject implements AAM_Core_Contract_Subject {
196
  *
197
  * @access public
198
  */
199
- public function getObject($type, $id = 'none', $param = null) {
200
  $object = null;
201
 
202
  //performance optimization
203
- $id = (is_scalar($id) ? $id : 'none'); //prevent from any surprises
204
 
205
  //check if there is an object with specified ID
206
  if (!isset($this->_objects[$type][$id])) {
196
  *
197
  * @access public
198
  */
199
+ public function getObject($type, $id = 0, $param = null) {
200
  $object = null;
201
 
202
  //performance optimization
203
+ $id = (is_scalar($id) ? $id : 0); //prevent from any surprises
204
 
205
  //check if there is an object with specified ID
206
  if (!isset($this->_objects[$type][$id])) {
Application/Extension/List.php CHANGED
@@ -22,7 +22,7 @@ class AAM_Extension_List {
22
  'description' => 'Get the complete list of all available premium extensions in one package. Any new premium extensions in the future will be available for no additional cost.',
23
  'url' => 'https://aamplugin.com/complete-package',
24
  'version' => (defined('AAM_COMPLETE_PACKAGE') ? constant('AAM_COMPLETE_PACKAGE') : null),
25
- 'latest' => '3.7.5'
26
  ),
27
  'AAM_PLUS_PACKAGE' => array(
28
  'title' => 'Plus Package',
@@ -31,7 +31,7 @@ class AAM_Extension_List {
31
  'description' => 'The best selling extension with the most advanced content management features for the WordPress CMS. Manage granular access to any post, page, custom post type, category, custom hierarchical taxonomy or define the default access to all your content for all users, roles and visitors.',
32
  'url' => 'https://aamplugin.com/extension/plus-package',
33
  'version' => (defined('AAM_PLUS_PACKAGE') ? constant('AAM_PLUS_PACKAGE') : null),
34
- 'latest' => '3.7.2'
35
  ),
36
  'AAM_IP_CHECK' => array(
37
  'title' => 'IP Check',
@@ -40,7 +40,7 @@ class AAM_Extension_List {
40
  'description' => 'Manage access to your entire website based on visitor\'s geo-location, refered host or IP address.',
41
  'url' => 'https://aamplugin.com/extension/ip-check',
42
  'version' => (defined('AAM_IP_CHECK') ? constant('AAM_IP_CHECK') : null),
43
- 'latest' => '1.2.2'
44
  ),
45
  'AAM_ROLE_HIERARCHY' => array(
46
  'title' => 'Role Hierarchy',
@@ -61,16 +61,6 @@ class AAM_Extension_List {
61
  'version' => (defined('AAM_ECOMMERCE') ? constant('AAM_ECOMMERCE') : null),
62
  'latest' => '1.2.1'
63
  ),
64
- // TODO: Remove in Dec 2018
65
- 'AAM_PAYMENT' => array(
66
- 'title' => 'Payment',
67
- 'id' => 'AAM_PAYMENT',
68
- 'type' => 'commercial',
69
- 'description' => AAM_Backend_View_Helper::preparePhrase('[Deprecated!]. The extension is deprecated and replaces with more sophisticated E-Commerce extension. If you already purchased it, please contact us to upgrade your license for no additional cost.', 'b'),
70
- 'url' => 'https://aamplugin.com/extension/ecommerce',
71
- 'version' => (defined('AAM_PAYMENT') ? constant('AAM_PAYMENT') : null),
72
- 'latest' => '1.1'
73
- ),
74
  'AAM_MULTISITE' => array(
75
  'title' => 'Multisite',
76
  'id' => 'AAM_MULTISITE',
22
  'description' => 'Get the complete list of all available premium extensions in one package. Any new premium extensions in the future will be available for no additional cost.',
23
  'url' => 'https://aamplugin.com/complete-package',
24
  'version' => (defined('AAM_COMPLETE_PACKAGE') ? constant('AAM_COMPLETE_PACKAGE') : null),
25
+ 'latest' => '3.8'
26
  ),
27
  'AAM_PLUS_PACKAGE' => array(
28
  'title' => 'Plus Package',
31
  'description' => 'The best selling extension with the most advanced content management features for the WordPress CMS. Manage granular access to any post, page, custom post type, category, custom hierarchical taxonomy or define the default access to all your content for all users, roles and visitors.',
32
  'url' => 'https://aamplugin.com/extension/plus-package',
33
  'version' => (defined('AAM_PLUS_PACKAGE') ? constant('AAM_PLUS_PACKAGE') : null),
34
+ 'latest' => '3.7.3'
35
  ),
36
  'AAM_IP_CHECK' => array(
37
  'title' => 'IP Check',
40
  'description' => 'Manage access to your entire website based on visitor\'s geo-location, refered host or IP address.',
41
  'url' => 'https://aamplugin.com/extension/ip-check',
42
  'version' => (defined('AAM_IP_CHECK') ? constant('AAM_IP_CHECK') : null),
43
+ 'latest' => '2.0'
44
  ),
45
  'AAM_ROLE_HIERARCHY' => array(
46
  'title' => 'Role Hierarchy',
61
  'version' => (defined('AAM_ECOMMERCE') ? constant('AAM_ECOMMERCE') : null),
62
  'latest' => '1.2.1'
63
  ),
 
 
 
 
 
 
 
 
 
 
64
  'AAM_MULTISITE' => array(
65
  'title' => 'Multisite',
66
  'id' => 'AAM_MULTISITE',
Application/Extension/Repository.php CHANGED
@@ -164,6 +164,34 @@ class AAM_Extension_Repository {
164
  AAM_Core_API::updateOption('aam-extensions', $list);
165
  }
166
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
167
 
168
  /**
169
  * Add new extension
@@ -312,7 +340,7 @@ class AAM_Extension_Repository {
312
  if (isset($retrieved->$id)) {
313
  $outdated = version_compare($version, $retrieved->$id->version) == -1;
314
  } else {
315
- $outdated = version_compare($version, $item['latest']);
316
  }
317
  }
318
 
164
  AAM_Core_API::updateOption('aam-extensions', $list);
165
  }
166
 
167
+ /**
168
+ *
169
+ * @return type
170
+ */
171
+ public function getCommercialLicenses($details = true) {
172
+ $response = array();
173
+ $licenses = AAM_Core_API::getOption('aam-extensions', array());
174
+ $extensions = AAM_Extension_List::get();
175
+
176
+ foreach((array) $licenses as $key => $data) {
177
+ if (isset($extensions[$key])
178
+ && !empty($data['license'])
179
+ && $extensions[$key]['type'] == 'commercial') {
180
+
181
+ if ($details) {
182
+ $response[] = array(
183
+ 'license' => $data['license'],
184
+ 'extension' => $extensions[$key]['title'],
185
+ 'expires' => (isset($data['expires']) ? $data['expires'] : null)
186
+ );
187
+ } else {
188
+ $response[] = $data['license'];
189
+ }
190
+ }
191
+ }
192
+
193
+ return $response;
194
+ }
195
 
196
  /**
197
  * Add new extension
340
  if (isset($retrieved->$id)) {
341
  $outdated = version_compare($version, $retrieved->$id->version) == -1;
342
  } else {
343
+ $outdated = version_compare($version, $item['latest']) == -1;
344
  }
345
  }
346
 
Application/Shared/Manager.php CHANGED
@@ -77,69 +77,142 @@ class AAM_Shared_Manager {
77
  }
78
 
79
  /**
 
80
  *
 
 
 
 
 
 
81
  * @global WPDB $wpdb
82
- * @param type $clauses
83
- * @param type $wpQuery
84
- * @return type
85
  */
86
  public function filterPostQuery($clauses, $wpQuery) {
87
- global $wpdb;
88
-
89
- $query = '';
90
- $option = AAM::getUser()->getObject('visibility')->getOption();
 
 
 
 
 
 
 
 
 
 
 
91
 
92
- //echo '<pre>'; print_r($option);
 
 
 
 
 
 
 
 
93
 
94
- if (!empty($option['post'])) {
95
- if (!empty($wpQuery->query['post_type'])) {
96
- $postType = $wpQuery->query['post_type'];
97
- } elseif (!empty($wpQuery->query_vars['post_type'])) {
98
- $postType = $wpQuery->query_vars['post_type'];
99
- } elseif ($wpQuery->is_attachment) {
100
- $postType = 'attachment';
101
- } elseif ($wpQuery->is_page) {
102
- $postType = 'page';
103
  } else {
104
- $postType = 'post';
105
  }
 
106
 
107
- $not = array();
108
- $area = AAM_Core_Api_Area::get();
109
-
110
- foreach($option['post'] as $id => $access) {
111
- $chunks = explode('|', $id);
112
-
113
- if ($postType == $chunks[1]) {
114
- if (!empty($access["{$area}.list"])) {
115
- $not[] = $chunks[0];
116
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
117
  }
118
  }
119
-
120
- $chunks = array();
121
- if (!empty($not)) {
122
- $query .= " AND {$wpdb->posts}.ID NOT IN (" . implode(',', $not) . ")";
123
- }
 
124
  }
125
 
126
- $clauses['where'] .= apply_filters(
127
- 'aam-post-where-clause-filter', $query, $wpQuery, $option
128
- );
 
 
 
 
 
 
 
 
 
 
 
 
129
 
130
- if (strpos($clauses['where'], $wpdb->term_relationships) !== false) {
131
- if (strpos($clauses['join'], $wpdb->term_relationships) === false) {
132
- $clauses['join'] .= " LEFT JOIN {$wpdb->term_relationships} ON ({$wpdb->posts}.ID = {$wpdb->term_relationships}.object_id)";
 
133
  }
134
 
135
  if (empty($clauses['groupby'])) {
136
  $clauses['groupby'] = "{$wpdb->posts}.ID";
137
  }
138
  }
139
-
140
- //echo '<pre>'; print_r($clauses); die();
141
-
142
- return $clauses;
143
  }
144
 
145
  /**
@@ -412,8 +485,12 @@ class AAM_Shared_Manager {
412
  }
413
 
414
  /**
 
415
  *
416
- * @return type
 
 
 
417
  */
418
  public static function getInstance() {
419
  if (is_null(self::$_instance)) {
77
  }
78
 
79
  /**
80
+ * After post SELECT query
81
  *
82
+ * @param array $clauses
83
+ * @param WP_Query $wpQuery
84
+ *
85
+ * @return array
86
+ *
87
+ * @access public
88
  * @global WPDB $wpdb
 
 
 
89
  */
90
  public function filterPostQuery($clauses, $wpQuery) {
91
+ if ($this->isPostFilterEnabled()) {
92
+ $option = AAM::getUser()->getObject('visibility')->getOption();
93
+
94
+ if (!empty($option['post'])) {
95
+ $query = $this->preparePostQuery($option['post'], $wpQuery);
96
+ } else {
97
+ $query = '';
98
+ }
99
+
100
+ $clauses['where'] .= apply_filters(
101
+ 'aam-post-where-clause-filter', $query, $wpQuery, $option
102
+ );
103
+
104
+ $this->finalizePostQuery($clauses);
105
+ }
106
 
107
+ return $clauses;
108
+ }
109
+
110
+ /**
111
+ *
112
+ * @return type
113
+ */
114
+ protected function isPostFilterEnabled() {
115
+ $visibility = AAM_Core_Config::get('core.settings.checkPostVisibility', true);
116
 
117
+ if ($visibility) {
118
+ if (AAM_Core_Api_Area::isBackend()) {
119
+ $visibility = AAM_Core_Config::get('core.settings.backendAccessControl', true);
120
+ } elseif (AAM_Core_Api_Area::isAPI()) {
121
+ $visibility = AAM_Core_Config::get('core.settings.apiAccessControl', true);
 
 
 
 
122
  } else {
123
+ $visibility = AAM_Core_Config::get('core.settings.frontendAccessControl', true);
124
  }
125
+ }
126
 
127
+ return $visibility;
128
+ }
129
+
130
+ /**
131
+ * Get querying post type
132
+ *
133
+ * @param WP_Query $wpQuery
134
+ *
135
+ * @return string
136
+ *
137
+ * @access protected
138
+ */
139
+ protected function getQueryingPostType($wpQuery) {
140
+ if (!empty($wpQuery->query['post_type'])) {
141
+ $postType = $wpQuery->query['post_type'];
142
+ } elseif (!empty($wpQuery->query_vars['post_type'])) {
143
+ $postType = $wpQuery->query_vars['post_type'];
144
+ } elseif ($wpQuery->is_attachment) {
145
+ $postType = 'attachment';
146
+ } elseif ($wpQuery->is_page) {
147
+ $postType = 'page';
148
+ } else {
149
+ $postType = 'post';
150
+ }
151
+
152
+ return $postType;
153
+ }
154
+
155
+ /**
156
+ * Prepare post query
157
+ *
158
+ * @param array $visibility
159
+ * @param WP_Query $wpQuery
160
+ *
161
+ * @return string
162
+ *
163
+ * @access protected
164
+ * @global WPDB $wpdb
165
+ */
166
+ protected function preparePostQuery($visibility, $wpQuery) {
167
+ global $wpdb;
168
+
169
+ $postType = $this->getQueryingPostType($wpQuery);
170
+
171
+ $not = array();
172
+ $area = AAM_Core_Api_Area::get();
173
+
174
+ foreach($visibility as $id => $access) {
175
+ $chunks = explode('|', $id);
176
+
177
+ if ($postType == $chunks[1]) {
178
+ if (!empty($access["{$area}.list"])) {
179
+ $not[] = $chunks[0];
180
  }
181
  }
182
+ }
183
+
184
+ if (!empty($not)) {
185
+ $query = " AND {$wpdb->posts}.ID NOT IN (" . implode(',', $not) . ")";
186
+ } else {
187
+ $query = '';
188
  }
189
 
190
+ return $query;
191
+ }
192
+
193
+ /**
194
+ * Finalize post query
195
+ *
196
+ * @param array &$clauses
197
+ *
198
+ * @access protected
199
+ * @global WPDB $wpdb
200
+ */
201
+ protected function finalizePostQuery(&$clauses) {
202
+ global $wpdb;
203
+
204
+ $table = $wpdb->term_relationships;
205
 
206
+ if (strpos($clauses['where'], $table) !== false) {
207
+ if (strpos($clauses['join'], $table) === false) {
208
+ $clauses['join'] .= " LEFT JOIN {$table} ON ";
209
+ $clauses['join'] .= "({$wpdb->posts}.ID = {$table}.object_id)";
210
  }
211
 
212
  if (empty($clauses['groupby'])) {
213
  $clauses['groupby'] = "{$wpdb->posts}.ID";
214
  }
215
  }
 
 
 
 
216
  }
217
 
218
  /**
485
  }
486
 
487
  /**
488
+ * Get single instance of itself
489
  *
490
+ * @return AAM_Shared_Manager
491
+ *
492
+ * @access public
493
+ * @static
494
  */
495
  public static function getInstance() {
496
  if (is_null(self::$_instance)) {
aam.php CHANGED
@@ -3,7 +3,7 @@
3
  /**
4
  Plugin Name: Advanced Access Manager
5
  Description: All you need to manage access to your WordPress website
6
- Version: 5.3.3
7
  Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  Author URI: https://vasyltech.com
9
 
@@ -111,23 +111,47 @@ class AAM {
111
  * @access public
112
  * @static
113
  */
114
- public static function bootstrap() {
115
- if (is_null(self::$_instance)) {
116
- //load AAM core config
117
- AAM_Core_Config::bootstrap();
118
-
119
- //load WP Core hooks
120
- AAM_Shared_Manager::bootstrap();
121
-
122
- //login control
123
- if (AAM_Core_Config::get('core.settings.secureLogin', true)) {
124
- AAM_Core_Login::bootstrap();
125
- }
126
-
127
- //JWT Authentication
128
- if (AAM_Core_Config::get('core.settings.jwtAuthentication', false)) {
129
- AAM_Core_JwtAuth::bootstrap();
130
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
131
  }
132
  }
133
 
@@ -152,19 +176,6 @@ class AAM {
152
  load_plugin_textdomain(
153
  AAM_KEY, false, dirname(plugin_basename(__FILE__)) . '/Lang/'
154
  );
155
-
156
- //load all installed extension
157
- AAM_Extension_Repository::getInstance()->load();
158
-
159
- //load media control
160
- AAM_Core_Media::bootstrap();
161
-
162
- //bootstrap the correct interface
163
- if (AAM_Core_Api_Area::isBackend()) {
164
- AAM_Backend_Manager::bootstrap();
165
- } elseif (AAM_Core_Api_Area::isFrontend()) {
166
- AAM_Frontend_Manager::bootstrap();
167
- }
168
  }
169
 
170
  return self::$_instance;
@@ -243,15 +254,18 @@ if (defined('ABSPATH')) {
243
  define('AAM_EXTENSION_BASE', WP_CONTENT_DIR . '/aam/extension');
244
  define('AAM_BASEDIR', dirname(__FILE__));
245
 
 
 
 
246
  //register autoloader
247
  require (dirname(__FILE__) . '/autoloader.php');
248
  AAM_Autoloader::register();
249
 
250
- add_action('plugins_loaded', 'AAM::bootstrap', 1);
251
 
252
  //the highest priority (higher the core)
253
  //this is important to have to catch events like register core post types
254
- add_action('init', 'AAM::getInstance', -1);
255
 
256
  //register API manager is applicable
257
  add_action('parse_request', 'AAM_Api_Manager::bootstrap', 1);
3
  /**
4
  Plugin Name: Advanced Access Manager
5
  Description: All you need to manage access to your WordPress website
6
+ Version: 5.3.4
7
  Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  Author URI: https://vasyltech.com
9
 
111
  * @access public
112
  * @static
113
  */
114
+ public static function onPluginsLoaded() {
115
+ //load AAM core config
116
+ AAM_Core_Config::bootstrap();
117
+
118
+ //load WP Core hooks
119
+ AAM_Shared_Manager::bootstrap();
120
+
121
+ //login control
122
+ if (AAM_Core_Config::get('core.settings.secureLogin', true)) {
123
+ AAM_Core_Login::bootstrap();
124
+ }
125
+
126
+ //JWT Authentication
127
+ if (AAM_Core_Config::get('core.settings.jwtAuthentication', false)) {
128
+ AAM_Core_JwtAuth::bootstrap();
129
+ }
130
+ }
131
+
132
+ /**
133
+ * Hook on WP core init
134
+ *
135
+ * @return void
136
+ *
137
+ * @access public
138
+ * @static
139
+ */
140
+ public static function onInit() {
141
+ // Load AAM
142
+ AAM::getInstance();
143
+
144
+ //load all installed extension
145
+ AAM_Extension_Repository::getInstance()->load();
146
+
147
+ //load media control
148
+ AAM_Core_Media::bootstrap();
149
+
150
+ //bootstrap the correct interface
151
+ if (AAM_Core_Api_Area::isBackend()) {
152
+ AAM_Backend_Manager::bootstrap();
153
+ } elseif (AAM_Core_Api_Area::isFrontend()) {
154
+ AAM_Frontend_Manager::bootstrap();
155
  }
156
  }
157
 
176
  load_plugin_textdomain(
177
  AAM_KEY, false, dirname(plugin_basename(__FILE__)) . '/Lang/'
178
  );
 
 
 
 
 
 
 
 
 
 
 
 
 
179
  }
180
 
181
  return self::$_instance;
254
  define('AAM_EXTENSION_BASE', WP_CONTENT_DIR . '/aam/extension');
255
  define('AAM_BASEDIR', dirname(__FILE__));
256
 
257
+ //load vendor
258
+ require AAM_BASEDIR . '/vendor/autoload.php';
259
+
260
  //register autoloader
261
  require (dirname(__FILE__) . '/autoloader.php');
262
  AAM_Autoloader::register();
263
 
264
+ add_action('plugins_loaded', 'AAM::onPluginsLoaded', 1);
265
 
266
  //the highest priority (higher the core)
267
  //this is important to have to catch events like register core post types
268
+ add_action('init', 'AAM::onInit', -1);
269
 
270
  //register API manager is applicable
271
  add_action('parse_request', 'AAM_Api_Manager::bootstrap', 1);
media/css/aam.css CHANGED
@@ -91,7 +91,8 @@
91
  .icon-twitter:before { content: '\e83b' !important; } /* 'î »' */
92
  .icon-user:before { content: '\e83d' !important; } /* 'î ½' */
93
  .icon-level-down:before { content: '\e83e' !important; } /* 'î ¾' */
94
- .icon-chat-empty:before { content: '\f0e6'; } /* '' */
 
95
  .icon-exchange:before { content: '\f0ec' !important; } /* '' */
96
  .icon-circle:before { content: '\f111' !important; } /* '' */
97
  .icon-circle-thin:before { content: '\f1db' !important; } /* '' */
@@ -214,6 +215,16 @@ html, body {
214
  padding: 20px;
215
  }
216
 
 
 
 
 
 
 
 
 
 
 
217
  .js .postbox .hndle, .js .widget .widget-top {
218
  cursor: auto;
219
  background-color: #F0F0F0;
@@ -537,6 +548,12 @@ input[type=radio]:checked + label:before {
537
  display: inline;
538
  }
539
 
 
 
 
 
 
 
540
  .aam-redirect-action {
541
  padding: 10px 20px;
542
  }
91
  .icon-twitter:before { content: '\e83b' !important; } /* 'î »' */
92
  .icon-user:before { content: '\e83d' !important; } /* 'î ½' */
93
  .icon-level-down:before { content: '\e83e' !important; } /* 'î ¾' */
94
+ .icon-chat-empty:before { content: '\f0e6' !important; } /* '' */
95
+ .icon-angle-circled-up:before { content: '\f139' !important; } /* '' */
96
  .icon-exchange:before { content: '\f0ec' !important; } /* '' */
97
  .icon-circle:before { content: '\f111' !important; } /* '' */
98
  .icon-circle-thin:before { content: '\f1db' !important; } /* '' */
215
  padding: 20px;
216
  }
217
 
218
+ .badge.danger {
219
+ color: #a94442;
220
+ background-color: #F1DBDA;
221
+ }
222
+
223
+ .badge.success {
224
+ color: #3c763d;
225
+ background-color: #DDEEDD;
226
+ }
227
+
228
  .js .postbox .hndle, .js .widget .widget-top {
229
  cursor: auto;
230
  background-color: #F0F0F0;
548
  display: inline;
549
  }
550
 
551
+ .aam-switch-user {
552
+ float:right;
553
+ font-size:1em !important;
554
+ cursor: pointer;
555
+ }
556
+
557
  .aam-redirect-action {
558
  padding: 10px 20px;
559
  }
media/font/fontello.eot CHANGED
Binary file
media/font/fontello.svg CHANGED
@@ -1,7 +1,7 @@
1
  <?xml version="1.0" standalone="no"?>
2
  <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
3
  <svg xmlns="http://www.w3.org/2000/svg">
4
- <metadata>Copyright (C) 2017 by original authors @ fontello.com</metadata>
5
  <defs>
6
  <font id="fontello" horiz-adv-x="1000" >
7
  <font-face font-family="fontello" font-weight="400" font-stretch="normal" units-per-em="1000" ascent="850" descent="-150" />
@@ -98,6 +98,8 @@
98
 
99
  <glyph glyph-name="circle" unicode="&#xf111;" d="M857 350q0-117-57-215t-156-156-215-58-216 58-155 156-58 215 58 215 155 156 216 58 215-58 156-156 57-215z" horiz-adv-x="857.1" />
100
 
 
 
101
  <glyph glyph-name="dollar" unicode="&#xf155;" d="M546 189q0-86-56-147t-144-77v-97q0-8-5-13t-13-5h-75q-7 0-13 5t-5 13v97q-37 5-71 18t-57 25-41 26-26 21-10 10q-9 12-1 23l58 76q3 5 12 6 9 1 14-5l1-1q63-55 135-70 21-4 42-4 45 0 79 24t35 68q0 16-9 30t-18 23-33 21-37 18-45 18q-21 9-34 14t-34 15-35 17-32 20-29 24-25 27-20 32-11 37-5 44q0 77 55 135t142 75v100q0 7 5 13t13 5h75q8 0 13-5t5-13v-98q32-3 62-13t48-19 36-20 21-17 9-7q9-11 3-22l-46-81q-4-9-12-9-8-2-15 4-2 2-9 7t-21 14-33 18-42 15-47 6q-53 0-87-24t-33-62q0-14 4-27t17-23 22-18 31-18 34-15 39-15q30-11 45-17t43-20 42-24 34-28 30-35 18-43 7-52z" horiz-adv-x="571.4" />
102
 
103
  <glyph glyph-name="cubes" unicode="&#xf1b3;" d="M357-61l214 107v176l-214-92v-191z m-36 254l226 96-226 97-225-97z m608-254l214 107v176l-214-92v-191z m-36 254l225 96-225 97-226-97z m-250 163l214 92v149l-214-92v-149z m-36 212l246 105-246 106-246-106z m607-289v-233q0-20-10-37t-29-26l-250-125q-14-8-32-8t-32 8l-250 125q-2 1-4 2-1-1-4-2l-250-125q-14-8-32-8t-31 8l-250 125q-19 9-29 26t-11 37v233q0 21 12 39t32 26l242 104v223q0 22 12 40t31 26l250 107q13 6 28 6t28-6l250-107q20-9 32-26t12-40v-223l242-104q20-8 32-26t11-39z" horiz-adv-x="1285.7" />
1
  <?xml version="1.0" standalone="no"?>
2
  <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
3
  <svg xmlns="http://www.w3.org/2000/svg">
4
+ <metadata>Copyright (C) 2018 by original authors @ fontello.com</metadata>
5
  <defs>
6
  <font id="fontello" horiz-adv-x="1000" >
7
  <font-face font-family="fontello" font-weight="400" font-stretch="normal" units-per-em="1000" ascent="850" descent="-150" />
98
 
99
  <glyph glyph-name="circle" unicode="&#xf111;" d="M857 350q0-117-57-215t-156-156-215-58-216 58-155 156-58 215 58 215 155 156 216 58 215-58 156-156 57-215z" horiz-adv-x="857.1" />
100
 
101
+ <glyph glyph-name="angle-circled-up" unicode="&#xf139;" d="M650 214l57 57q11 11 11 25t-11 26l-253 253q-11 11-25 11t-25-11l-254-253q-10-11-10-26t10-25l57-57q11-10 25-10t25 10l172 172 171-172q11-10 25-10t25 10z m207 136q0-117-57-215t-156-156-215-58-216 58-155 156-58 215 58 215 155 156 216 58 215-58 156-156 57-215z" horiz-adv-x="857.1" />
102
+
103
  <glyph glyph-name="dollar" unicode="&#xf155;" d="M546 189q0-86-56-147t-144-77v-97q0-8-5-13t-13-5h-75q-7 0-13 5t-5 13v97q-37 5-71 18t-57 25-41 26-26 21-10 10q-9 12-1 23l58 76q3 5 12 6 9 1 14-5l1-1q63-55 135-70 21-4 42-4 45 0 79 24t35 68q0 16-9 30t-18 23-33 21-37 18-45 18q-21 9-34 14t-34 15-35 17-32 20-29 24-25 27-20 32-11 37-5 44q0 77 55 135t142 75v100q0 7 5 13t13 5h75q8 0 13-5t5-13v-98q32-3 62-13t48-19 36-20 21-17 9-7q9-11 3-22l-46-81q-4-9-12-9-8-2-15 4-2 2-9 7t-21 14-33 18-42 15-47 6q-53 0-87-24t-33-62q0-14 4-27t17-23 22-18 31-18 34-15 39-15q30-11 45-17t43-20 42-24 34-28 30-35 18-43 7-52z" horiz-adv-x="571.4" />
104
 
105
  <glyph glyph-name="cubes" unicode="&#xf1b3;" d="M357-61l214 107v176l-214-92v-191z m-36 254l226 96-226 97-225-97z m608-254l214 107v176l-214-92v-191z m-36 254l225 96-225 97-226-97z m-250 163l214 92v149l-214-92v-149z m-36 212l246 105-246 106-246-106z m607-289v-233q0-20-10-37t-29-26l-250-125q-14-8-32-8t-32 8l-250 125q-2 1-4 2-1-1-4-2l-250-125q-14-8-32-8t-31 8l-250 125q-19 9-29 26t-11 37v233q0 21 12 39t32 26l242 104v223q0 22 12 40t31 26l250 107q13 6 28 6t28-6l250-107q20-9 32-26t12-40v-223l242-104q20-8 32-26t11-39z" horiz-adv-x="1285.7" />
media/font/fontello.ttf CHANGED
Binary file
media/font/fontello.woff CHANGED
Binary file
media/font/fontello.woff2 CHANGED
Binary file
media/js/aam.js CHANGED
@@ -13,6 +13,48 @@
13
  */
14
  (function ($) {
15
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
16
  /**
17
  *
18
  * @returns {undefined}
@@ -500,7 +542,6 @@
500
  * @returns {undefined}
501
  */
502
  function loadRoleList(selected) {
503
- console.log(selected);
504
  $.ajax(aamLocal.ajaxurl, {
505
  type: 'POST',
506
  dataType: 'json',
@@ -576,41 +617,6 @@
576
  });
577
  }
578
 
579
- /**
580
- *
581
- * @param {type} id
582
- * @param {type} btn
583
- * @returns {undefined}
584
- */
585
- function switchToUser(id, btn) {
586
- $.ajax(aamLocal.ajaxurl, {
587
- type: 'POST',
588
- dataType: 'json',
589
- data: {
590
- action: 'aam',
591
- sub_action: 'switchToUser',
592
- _ajax_nonce: aamLocal.nonce,
593
- user: id
594
- },
595
- beforeSend: function () {
596
- $(btn).attr('class', 'aam-row-action icon-spin4 animate-spin');
597
- },
598
- success: function (response) {
599
- if (response.status === 'success') {
600
- location.href = response.redirect;
601
- } else {
602
- aam.notification('danger', response.reason);
603
- }
604
- },
605
- error: function () {
606
- aam.notification('danger', aam.__('Application error'));
607
- },
608
- complete: function () {
609
- $(btn).attr('class', 'aam-row-action icon-exchange text-success');
610
- }
611
- });
612
- }
613
-
614
  //initialize the user list table
615
  $('#user-list').DataTable({
616
  autoWidth: false,
@@ -785,7 +791,7 @@
785
  $(container).append($('<i/>', {
786
  'class': 'aam-row-action icon-exchange text-success'
787
  }).bind('click', function () {
788
- switchToUser(data[0], $(this));
789
  }).attr({
790
  'data-toggle': "tooltip",
791
  'title': aam.__('Switch To User')
@@ -1783,7 +1789,7 @@
1783
  }
1784
  },
1785
  columnDefs: [
1786
- {visible: false, targets: [0, 1]}
1787
  ],
1788
  language: {
1789
  search: '_INPUT_',
@@ -1816,7 +1822,7 @@
1816
  $('td:eq(0)', row).html('<i class="icon-doc-text-inv"></i>');
1817
  break;
1818
  }
1819
-
1820
  //update the title to a link
1821
  if (data[2] === 'type') {
1822
  var link = $('<a/>', {
@@ -1837,8 +1843,31 @@
1837
 
1838
  }).html(data[3]);
1839
  $('td:eq(1)', row).html(link);
1840
- } else { //reset the post/term title
1841
- $('td:eq(1)', row).html(data[3]);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1842
  }
1843
 
1844
  //update the actions
@@ -2556,6 +2585,7 @@
2556
  */
2557
  function initialize() {
2558
  if ($('#extension-content').length) {
 
2559
  //check for updates
2560
  $('#aam-update-check').bind('click', function() {
2561
  $.ajax(aamLocal.ajaxurl, {
@@ -3182,12 +3212,16 @@
3182
  $('body').delegate('[data-toggle="tooltip"]', 'hover', function (event) {
3183
  event.preventDefault();
3184
  $(this).tooltip({
3185
- 'placement' : 'top',
3186
  'container' : 'body'
3187
  });
3188
  $(this).tooltip('show');
3189
  });
3190
 
 
 
 
 
3191
  $('.aam-area').each(function() {
3192
  $(this).bind('click', function() {
3193
  $('.aam-area').removeClass('text-danger');
@@ -3229,9 +3263,13 @@
3229
 
3230
  //update the header
3231
  var subject = type.charAt(0).toUpperCase() + type.slice(1);
3232
- $('.aam-current-subject').html(
3233
- aam.__(subject) + ': <strong>' + name + '</strong>'
3234
- );
 
 
 
 
3235
 
3236
  //highlight screen if the same level
3237
  if (parseInt(level) >= aamLocal.level || type === 'default') {
13
  */
14
  (function ($) {
15
 
16
+ /**
17
+ *
18
+ * @param {type} id
19
+ * @param {type} btn
20
+ * @param {type} rowAction
21
+ * @returns {undefined}
22
+ */
23
+ function switchToUser(id, btn, rowAction) {
24
+ $.ajax(aamLocal.ajaxurl, {
25
+ type: 'POST',
26
+ dataType: 'json',
27
+ data: {
28
+ action: 'aam',
29
+ sub_action: 'switchToUser',
30
+ _ajax_nonce: aamLocal.nonce,
31
+ user: id
32
+ },
33
+ beforeSend: function () {
34
+ $(btn).attr(
35
+ 'class',
36
+ 'icon-spin4 animate-spin ' + (rowAction ? 'aam-row-action' : 'aam-switch-user')
37
+ );
38
+ },
39
+ success: function (response) {
40
+ if (response.status === 'success') {
41
+ location.href = response.redirect;
42
+ } else {
43
+ aam.notification('danger', response.reason);
44
+ }
45
+ },
46
+ error: function () {
47
+ aam.notification('danger', aam.__('Application error'));
48
+ },
49
+ complete: function () {
50
+ $(btn).attr(
51
+ 'class',
52
+ 'icon-exchange ' + (rowAction ? 'aam-row-action text-success' : 'aam-switch-user')
53
+ );
54
+ }
55
+ });
56
+ }
57
+
58
  /**
59
  *
60
  * @returns {undefined}
542
  * @returns {undefined}
543
  */
544
  function loadRoleList(selected) {
 
545
  $.ajax(aamLocal.ajaxurl, {
546
  type: 'POST',
547
  dataType: 'json',
617
  });
618
  }
619
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
620
  //initialize the user list table
621
  $('#user-list').DataTable({
622
  autoWidth: false,
791
  $(container).append($('<i/>', {
792
  'class': 'aam-row-action icon-exchange text-success'
793
  }).bind('click', function () {
794
+ switchToUser(data[0], $(this), true);
795
  }).attr({
796
  'data-toggle': "tooltip",
797
  'title': aam.__('Switch To User')
1789
  }
1790
  },
1791
  columnDefs: [
1792
+ {visible: false, targets: [0, 1, 5]}
1793
  ],
1794
  language: {
1795
  search: '_INPUT_',
1822
  $('td:eq(0)', row).html('<i class="icon-doc-text-inv"></i>');
1823
  break;
1824
  }
1825
+
1826
  //update the title to a link
1827
  if (data[2] === 'type') {
1828
  var link = $('<a/>', {
1843
 
1844
  }).html(data[3]);
1845
  $('td:eq(1)', row).html(link);
1846
+ } else if (data[2] == 'term') {
1847
+ var name = '<span>' + data[3] + '</span><i class="aam-row-subtitle">';
1848
+
1849
+ if (data[5]) {
1850
+ name += aam.__('Parent:') + ' <b>' + data[5] + '</b>; ';
1851
+ } else {
1852
+ name += aam.__('Parent:') + ' none; ';
1853
+ }
1854
+
1855
+ name += aam.__('ID:') + ' <b>' + data[0].split('|')[0] + '</b>';
1856
+
1857
+ $('td:eq(1)', row).html(name);
1858
+ //$('td:eq(1)', row).html(data[3]);
1859
+ } else {
1860
+ var name = '<span>' + data[3] + '</span><i class="aam-row-subtitle">';
1861
+
1862
+ if (data[5]) {
1863
+ name += aam.__('Parent:') + ' <b>' + data[5] + '</b>; ';
1864
+ } else {
1865
+ name += aam.__('Parent:') + ' none; ';
1866
+ }
1867
+
1868
+ name += aam.__('ID:') + ' <b>' + data[0] + '</b>';
1869
+
1870
+ $('td:eq(1)', row).html(name);
1871
  }
1872
 
1873
  //update the actions
2585
  */
2586
  function initialize() {
2587
  if ($('#extension-content').length) {
2588
+ $('[data-toggle="toggle"]', '.extensions-metabox').bootstrapToggle();
2589
  //check for updates
2590
  $('#aam-update-check').bind('click', function() {
2591
  $.ajax(aamLocal.ajaxurl, {
3212
  $('body').delegate('[data-toggle="tooltip"]', 'hover', function (event) {
3213
  event.preventDefault();
3214
  $(this).tooltip({
3215
+ 'placement' : $(this).data('placement') || 'top',
3216
  'container' : 'body'
3217
  });
3218
  $(this).tooltip('show');
3219
  });
3220
 
3221
+ $('body').delegate('.aam-switch-user', 'click', function (event) {
3222
+ switchToUser(aam.getSubject().id, $(this), false);
3223
+ });
3224
+
3225
  $('.aam-area').each(function() {
3226
  $(this).bind('click', function() {
3227
  $('.aam-area').removeClass('text-danger');
3263
 
3264
  //update the header
3265
  var subject = type.charAt(0).toUpperCase() + type.slice(1);
3266
+ var title = aam.__(subject) + ': <strong>' + name + '</strong>';
3267
+
3268
+ if (type === 'user') {
3269
+ title += '<i data-toggle="tooltip" title="Switch To User" data-placement="right" class="icon-exchange aam-switch-user"></i>';
3270
+ }
3271
+
3272
+ $('.aam-current-subject').html(title);
3273
 
3274
  //highlight screen if the same level
3275
  if (parseInt(level) >= aamLocal.level || type === 'default') {
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: vasyltech
3
  Tags: access, role, user, capability, page access, post access, content access, comments, security, login redirect, membership, backend lockdown, wp-admin, 404, rest api, xml rpc
4
  Requires at least: 4.0
5
  Tested up to: 4.9.6
6
- Stable tag: 5.3.3
7
 
8
  The most powerful access management plugin for WordPress websites.
9
 
@@ -40,7 +40,7 @@ https://www.youtube.com/watch?v=yiOhjaacNJc
40
  * [free] 404 Redirect. Redefine where user should be redirected when page does not exist. Find out more from [How to redirect on WordPress 404 error](https://aamplugin.com/help/how-to-redirect-on-wordpress-404-error);
41
  * [free] Access Denied Redirect. Define custom redirect for any role, user or visitors when access is denied for restricted area on your website;
42
  * [free] Manage Metaboxes and Widgets. Filter out restricted or unnecessary metaboxes and widgets on both frontend and backend for any user, role or visitors. Find out more from [How to hide WordPress metaboxes & widgets](https://aamplugin.com/help/how-to-hide-wordpress-metaboxes-and-widgets) article;
43
- * [paid] Manage Access Based On Geo Location or IP. Manage access to your website for all visitors based on referred host, IP address or geographical location. Find out more from [How to manage access to WordPress website based on location](https://aamplugin.com/help/how-to-manage-access-to-wordpress-website-based-on-location) article;
44
  * [paid] Monetize Access To You Content. Start selling access to your website content with premium [E-Commerce](https://aamplugin.com/extension/ecommerce) extension. Find out more from [How to monetize access to the WordPress content](https://aamplugin.com/help/how-to-monetize-access-to-the-wordpress-content) article;
45
  * [free] Multisite Support. Sync access settings across your network or even restrict none-members from accessing one of your sites. Find out more from [AAM and WordPress Multisite support](https://aamplugin.com/help/aam-and-wordpress-multisite-support);
46
  * [and even more...] Check our [help page](https://aamplugin.com/help) to learn more about AAM
@@ -66,6 +66,18 @@ https://www.youtube.com/watch?v=yiOhjaacNJc
66
 
67
  == Changelog ==
68
 
 
 
 
 
 
 
 
 
 
 
 
 
69
  = 5.3.3 =
70
  * Fixed couple bugs with secure login widget rendering
71
  * Fixed the bug with AAM UI refresh triggered by aam extensions
3
  Tags: access, role, user, capability, page access, post access, content access, comments, security, login redirect, membership, backend lockdown, wp-admin, 404, rest api, xml rpc
4
  Requires at least: 4.0
5
  Tested up to: 4.9.6
6
+ Stable tag: 5.3.4
7
 
8
  The most powerful access management plugin for WordPress websites.
9
 
40
  * [free] 404 Redirect. Redefine where user should be redirected when page does not exist. Find out more from [How to redirect on WordPress 404 error](https://aamplugin.com/help/how-to-redirect-on-wordpress-404-error);
41
  * [free] Access Denied Redirect. Define custom redirect for any role, user or visitors when access is denied for restricted area on your website;
42
  * [free] Manage Metaboxes and Widgets. Filter out restricted or unnecessary metaboxes and widgets on both frontend and backend for any user, role or visitors. Find out more from [How to hide WordPress metaboxes & widgets](https://aamplugin.com/help/how-to-hide-wordpress-metaboxes-and-widgets) article;
43
+ * [paid] Manage Access Based On IP Address or Referred Domain. Manage access to your website for all visitors based on referred host, IP address or geographical location. Find out more from [How to manage access to WordPress website by IP address](https://aamplugin.com/help/how-to-manage-access-to-wordpress-website-by-ip-address) article;
44
  * [paid] Monetize Access To You Content. Start selling access to your website content with premium [E-Commerce](https://aamplugin.com/extension/ecommerce) extension. Find out more from [How to monetize access to the WordPress content](https://aamplugin.com/help/how-to-monetize-access-to-the-wordpress-content) article;
45
  * [free] Multisite Support. Sync access settings across your network or even restrict none-members from accessing one of your sites. Find out more from [AAM and WordPress Multisite support](https://aamplugin.com/help/aam-and-wordpress-multisite-support);
46
  * [and even more...] Check our [help page](https://aamplugin.com/help) to learn more about AAM
66
 
67
  == Changelog ==
68
 
69
+ = 5.3.4 =
70
+ * Fixed incompatibility issue with plugins that use "plugins_loaded" hook for post manipulations
71
+ * Fixed the bug with AAM_Api_Rest_Resource_User
72
+ * Fixed issues with ConfigPress settings compatibility between versions
73
+ * Fixed the issues with infinite loop when access denied redirect is not configured correctly
74
+ * Fixed issue with post filtering that disregards Backend/Frotent/API Access Control settings
75
+ * Fixed bug with login widget labels
76
+ * Added more information about parent terms & posts to the Post & Terms list
77
+ * Added additional widget that lists of AAM licenses on the Extensions tab
78
+ * Added fallback secret key for jwt token generator
79
+ * Added ability to filter out widgets from the Appearance->Widgets screen
80
+
81
  = 5.3.3 =
82
  * Fixed couple bugs with secure login widget rendering
83
  * Fixed the bug with AAM UI refresh triggered by aam extensions