Advanced Access Manager - Version 5.4.3

Version Description

  • Fixed the bug with Posts & Terms feature that hides it when Manage Frontend & Backend Access are disabled however API is enabled
  • Fixed the bug that cached objects while managing them on AAM page. That was causing inconsistency sometimes
  • Fixed the bug with content shortcode that was defining incorrectly if wrapped content should be hidden or not for specific user
  • Fixed the bug with AAM not being able to apply translations for other languages
  • Added new option "Support AAM Extensions" that enables/disables the Extensions feature
  • Added new option "Get Started Feature" that toggles the Get Started tab
  • Added new option "AAM Cron Job" that enables/disables the internal AAM cron job
  • Added Get Started tab with some basic introduction to AAM plugin
  • Added ability to set "hard" user login time
  • Added ability to sort posts and terms list by title
  • Enhanced JWT authentication with ability to set also cookie that contains JWT token or define signing algorithm
  • Refactored Metaboxes & Widget feature so initialization process is handled with client side
  • Refactored Admin Toolbar feature so initialization process is handled with client side
  • Improved the Post & Terms feature by enabling to manage more post types out-of-box
  • Improved the Import/Export feature that eliminates issues with incompatible AAM versions
  • Refactored internal implementation to make it compatible with strict and secure environments like WordPress VIP

Release Info

Developer vasyl_m
Version 5.4.3

Code changes from version 5.4.2 to 5.4.3

Files changed (60) hide show
  1. Application/Api/Manager.php +1 -1
  2. Application/Api/Rest/Resource/Post.php +8 -8
  3. Application/Backend/Authorization.php +1 -1
  4. Application/Backend/Feature.php +3 -3
  5. Application/Backend/Feature/Extension/Manager.php +20 -9
  6. Application/Backend/Feature/Main/404Redirect.php +1 -1
  7. Application/Backend/Feature/Main/Capability.php +10 -10
  8. Application/Backend/Feature/Main/GetStarted.php +49 -0
  9. Application/Backend/Feature/Main/LoginRedirect.php +1 -1
  10. Application/Backend/Feature/Main/LogoutRedirect.php +1 -1
  11. Application/Backend/Feature/Main/Menu.php +3 -3
  12. Application/Backend/Feature/Main/Metabox.php +20 -50
  13. Application/Backend/Feature/Main/Post.php +51 -36
  14. Application/Backend/Feature/Main/Redirect.php +2 -2
  15. Application/Backend/Feature/Main/Route.php +2 -2
  16. Application/Backend/Feature/Main/Toolbar.php +3 -36
  17. Application/Backend/Feature/Settings/Core.php +15 -0
  18. Application/Backend/Feature/Settings/Manager.php +2 -2
  19. Application/Backend/Feature/Settings/Tools.php +10 -10
  20. Application/Backend/Feature/Subject/Role.php +6 -6
  21. Application/Backend/Feature/Subject/User.php +3 -3
  22. Application/Backend/Filter.php +9 -10
  23. Application/Backend/Manager.php +14 -17
  24. Application/Backend/View.php +12 -11
  25. Application/Backend/Widget/Login.php +4 -6
  26. Application/Backend/phtml/index.phtml +1 -10
  27. Application/Backend/phtml/main/get-started.phtml +19 -0
  28. Application/Backend/phtml/main/metabox.phtml +1 -2
  29. Application/Backend/phtml/main/post.phtml +2 -2
  30. Application/Core/API.php +17 -32
  31. Application/Core/Api/Area.php +3 -3
  32. Application/Core/Compatibility.php +2 -3
  33. Application/Core/ConfigPress/Evaluator.php +3 -3
  34. Application/Core/Exporter.php +22 -22
  35. Application/Core/Importer.php +32 -12
  36. Application/Core/JwtAuth.php +49 -14
  37. Application/Core/Login.php +16 -2
  38. Application/Core/Media.php +7 -5
  39. Application/Core/Object/Cache.php +4 -2
  40. Application/Core/Object/Menu.php +1 -1
  41. Application/Core/Object/Metabox.php +1 -1
  42. Application/Core/Object/Post.php +8 -7
  43. Application/Core/Object/Visibility.php +2 -2
  44. Application/Core/Server.php +6 -6
  45. Application/Core/Subject.php +4 -2
  46. Application/Core/Subject/User.php +38 -18
  47. Application/Extension/List.php +13 -13
  48. Application/Extension/Repository.php +8 -8
  49. Application/Frontend/Authorization.php +7 -7
  50. Application/Frontend/Filter.php +5 -5
  51. Application/Shared/Manager.php +64 -8
  52. Application/Shortcode/Strategy/Content.php +8 -8
  53. Application/Shortcode/Strategy/Login.php +1 -1
  54. Lang/advanced-access-manager-en_US.mo +0 -0
  55. Lang/advanced-access-manager-en_US.po +543 -397
  56. aam.php +9 -12
  57. media/css/aam.css +4 -5
  58. media/js/aam-login.js +0 -1
  59. media/js/aam.js +504 -482
  60. readme.txt +19 -1
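--- a/Application/Api/Manager.php
+++ b/Application/Api/Manager.php
@@ -127,7 +127,7 @@ class AAM_Api_Manager {
  $method = $request->get_method();
 
  foreach(array_keys($server->get_routes()) as $route) {
- if ($route == $matched || preg_match("#^{$route}$#i", $matched)) {
+ if ($route === $matched || preg_match("#^{$route}$#i", $matched)) {
  if ($object->has('restful', $route, $method)) {
  $response = new WP_Error(
  'rest_access_denied',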
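Review bot: A failing `preg_match()` at line 130 lets this access check fall through without denying. Each route key is interpolated into `"#^{$route}$#i"`, so a route pattern that contains `#` or is otherwise not a valid expression makes the call return `false` with a warning, and the restriction for that route is silently not applied. WordPress core matches routes with `@` as the delimiter; using the same delimiter here and treating a `false` return as a denial (or at least logging it) keeps the check fail-closed. The enclosing method starts and ends outside the hunk, so how `$matched` is derived is not visible here.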
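--- a/Application/Api/Rest/Resource/Post.php
+++ b/Application/Api/Rest/Resource/Post.php
@@ -182,7 +182,7 @@ class AAM_Api_Rest_Resource_Post {
  $read = $post->has('api.read');
  $others = $post->has('api.read_others');
 
- if ($read || ($others && ($post->post_author != get_current_user_id()))) {
+ if ($read || ($others && ($post->post_author !== get_current_user_id()))) {
  $result = new WP_Error(
  'rest_post_cannot_read',
  "User is unauthorized to read the post. Access denied.",
@@ -246,13 +246,13 @@ class AAM_Api_Rest_Resource_Post {
  if ($post->has('api.redirect')) {
  $rule = explode('|', $post->get('api.location'));
 
- if (count($rule) == 1) { // TODO: legacy. Remove in Jul 2020
+ if (count($rule) === 1) { // TODO: legacy. Remove in Jul 2020
  $redirect = $rule[0];
- } elseif ($rule[0] == 'page') {
+ } elseif ($rule[0] === 'page') {
  $redirect = get_page_link($rule[1]);
- } elseif ($rule[0] == 'url') {
+ } elseif ($rule[0] === 'url') {
  $redirect = $rule[1];
- } elseif (($rule[0] == 'callback') && is_callable($rule[1])) {
+ } elseif (($rule[0] === 'callback') && is_callable($rule[1])) {
  $redirect = call_user_func($rule[1], $post);
  } else {
  $redirect = null;
@@ -292,7 +292,7 @@ class AAM_Api_Rest_Resource_Post {
  require_once( ABSPATH . 'wp-includes/class-phpass.php' );
  $hasher = new PasswordHash(8, true);
 
- if ($pass != $request['password']
+ if ($pass !== $request['password']
  && !$hasher->CheckPassword($pass, $request['password'])) {
  $result = new WP_Error(
  'rest_post_cannot_read',
@@ -328,7 +328,7 @@ class AAM_Api_Rest_Resource_Post {
  $edit = $post->has('api.edit');
  $others = $post->has('api.edit_others');
 
- if ($edit || ($others && ($post->post_author != get_current_user_id()))) {
+ if ($edit || ($others && ($post->post_author !== get_current_user_id()))) {
  $result = new WP_Error(
  'rest_post_cannot_update',
  "User is unauthorized to update the post. Access denied.",
@@ -357,7 +357,7 @@ class AAM_Api_Rest_Resource_Post {
  $delete = $post->has('api.delete');
  $others = $post->has('api.delete_others');
 
- if ($delete || ($others && ($post->post_author != get_current_user_id()))) {
+ if ($delete || ($others && ($post->post_author !== get_current_user_id()))) {
  $result = new WP_Error(
  'rest_post_cannot_delete',
  "User is unauthorized to delete the post. Access denied.",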
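Review bot: The strict `$post->post_author !== get_current_user_id()` in the read check at line 185, and the same condition in the update and delete checks at lines 331 and 360, compares values that normally have different types. `get_current_user_id()` returns an int, while WordPress keeps `post_author` as a numeric string, so if the AAM post object passes the field through unchanged the comparison is always true and the "others" restriction also blocks the post's own author. Casting before comparing keeps the strict operator and the intended ownership test: `(int) $post->post_author !== get_current_user_id()`. All three methods start and end outside their hunks, so any earlier normalisation of `post_author` is not visible here.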
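--- a/Application/Backend/Authorization.php
+++ b/Application/Backend/Authorization.php
@@ -60,7 +60,7 @@ class AAM_Backend_Authorization {
 
  if (!empty($taxonomy)) {
  $menu .= '?taxonomy=' . $taxonomy;
- } elseif (!empty($postType) && ($postType != 'post')) {
+ } elseif (!empty($postType) && ($postType !== 'post')) {
  $menu .= '?post_type=' . $postType;
  } elseif (!empty($page)) {
  $menu .= '?page=' . $page;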
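--- a/Application/Backend/Feature.php
+++ b/Application/Backend/Feature.php
@@ -118,8 +118,8 @@ class AAM_Backend_Feature {
  $subject = AAM_Backend_Subject::getInstance()->getUID();
  foreach (self::$_features as $feature) {
  $ftype = (!empty($feature->type) ? $feature->type : 'main'); //TODO - legacy Nov 2018
- if ($ftype == $type
- && (empty($feature->subjects) || in_array($subject, $feature->subjects))) {
+ if ($ftype === $type
+ && (empty($feature->subjects) || in_array($subject, $feature->subjects, true))) {
  $response[] = self::initView($feature);
  }
  }
@@ -144,7 +144,7 @@ class AAM_Backend_Feature {
  $pos_a = (empty($feature_a->position) ? 9999 : $feature_a->position);
  $pos_b = (empty($feature_b->position) ? 9999 : $feature_b->position);
 
- if ($pos_a == $pos_b){
+ if ($pos_a === $pos_b){
  $response = 0;
  } else {
  $response = ($pos_a < $pos_b ? -1 : 1);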
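Review bot: With `$pos_a === $pos_b` the comparator at line 147 no longer treats `5` and `'5'` as a tie, and for such a pair the `else` branch returns `1` whichever way the arguments are ordered, which gives the sort an inconsistent ordering. Positions are whatever each registered feature supplies, so mixed int and string values seem plausible for features added by extensions; that is an inference, since the registration sites are not in this hunk. Normalising both values before the test keeps the strict operator safe, e.g. `$pos_a = (float) $pos_a; $pos_b = (float) $pos_b;` ahead of the `if`. The comparator's signature and return are outside the hunk.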
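--- a/Application/Backend/Feature/Extension/Manager.php
+++ b/Application/Backend/Feature/Extension/Manager.php
@@ -21,11 +21,22 @@ class AAM_Backend_Feature_Extension_Manager extends AAM_Backend_Feature_Abstract
  */
  protected static $instance = null;
 
+ /**
+ *
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (AAM_Core_Config::get('core.settings.extensionSupport', true) === false) {
+ AAM_Core_API::reject('backend');
+ }
+ }
+
  /**
  *
  */
  public function render() {
- require_once(dirname(__FILE__) . '/../../phtml/extensions.phtml');
+ require_once dirname(__FILE__) . '/../../phtml/extensions.phtml';
  }
 
  /**
@@ -36,7 +47,7 @@ class AAM_Backend_Feature_Extension_Manager extends AAM_Backend_Feature_Abstract
  public function check() {
  AAM::cron();
 
- return json_encode(array('status' => 'success'));
+ return wp_json_encode(array('status' => 'success'));
  }
 
  /**
@@ -59,7 +70,7 @@ class AAM_Backend_Feature_Extension_Manager extends AAM_Backend_Feature_Abstract
  $manually = __('You may try to install extension manually.', AAM_KEY);
  $response = array(
  'status' => 'failure',
- 'error' => strip_tags($package->get_error_message()) . ' ' . $manually
+ 'error' => wp_strip_all_tags($package->get_error_message()) . ' ' . $manually
  );
  }elseif ($error = $repo->checkDirectory()) {
  $response = $this->installFailureResponse($error, $package);
@@ -67,7 +78,7 @@ class AAM_Backend_Feature_Extension_Manager extends AAM_Backend_Feature_Abstract
  } elseif (empty($package->content)) { //any unpredictable scenario
  $response = array(
  'status' => 'failure',
- 'error' => 'Download failure. Please try again or contact us.'
+ 'error' => __('Download failure. Please try again or contact us.', AAM_KEY)
  );
  } else { //otherwise install the extension
  $result = $repo->add(base64_decode($package->content));
@@ -103,7 +114,7 @@ class AAM_Backend_Feature_Extension_Manager extends AAM_Backend_Feature_Abstract
  if (!empty($list[$id]['license'])) {
  $response = $this->install($list[$id]['license']);
  } else {
- $response = json_encode(array(
+ $response = wp_json_encode(array(
  'status' => 'failure',
  'error' => __('Enter license key to update extension.', AAM_KEY)
  ));
@@ -123,7 +134,7 @@ class AAM_Backend_Feature_Extension_Manager extends AAM_Backend_Feature_Abstract
  AAM_Extension_Repository::STATUS_INACTIVE
  );
 
- return json_encode(array('status' => 'success'));
+ return wp_json_encode(array('status' => 'success'));
  }
 
  /**
@@ -136,7 +147,7 @@ class AAM_Backend_Feature_Extension_Manager extends AAM_Backend_Feature_Abstract
  AAM_Extension_Repository::STATUS_INSTALLED
  );
 
- return json_encode(array('status' => 'success'));
+ return wp_json_encode(array('status' => 'success'));
  }
 
  /**
@@ -149,7 +160,7 @@ class AAM_Backend_Feature_Extension_Manager extends AAM_Backend_Feature_Abstract
  @mkdir($dirname, fileperms( ABSPATH ) & 0777 | 0755, true);
  }
 
- return json_encode(array(
+ return wp_json_encode(array(
  'status' => (AAM_Extension_Repository::getInstance()->isWriteableDirectory() ? 'success' : 'failed')
  ));
  }
@@ -163,7 +174,7 @@ class AAM_Backend_Feature_Extension_Manager extends AAM_Backend_Feature_Abstract
  $response = array();
 
  foreach(AAM_Extension_Repository::getInstance()->getList() as $item) {
- if ($item['type'] == $type) {
+ if ($item['type'] === $type) {
  $response[] = $item;
  }
  }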
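Review bot: The new constructor blocks the Extensions feature only when the stored option is the boolean `false`, because it tests `AAM_Core_Config::get('core.settings.extensionSupport', true) === false`. If the setting can reach the config as `'0'`, `0` or an empty string (how the settings page stores toggles is not visible here), the strict test does not match and extension install and update stay reachable although an administrator turned the feature off. Since this switch gates code that downloads and installs packages, a falsy test fails in the safer direction: `if (!AAM_Core_Config::get('core.settings.extensionSupport', true)) {`. The constructor's docblock is empty; one line saying that it rejects the request when extension support is disabled would document the guard.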
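--- a/Application/Backend/Feature/Main/404Redirect.php
+++ b/Application/Backend/Feature/Main/404Redirect.php
@@ -35,7 +35,7 @@ class AAM_Backend_Feature_Main_404Redirect extends AAM_Backend_Feature_Abstract
 
  AAM_Core_Config::set($param, $value);
 
- return json_encode(array('status' => 'success'));
+ return wp_json_encode(array('status' => 'success'));
  }
 
  /**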
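--- a/Application/Backend/Feature/Main/Capability.php
+++ b/Application/Backend/Feature/Main/Capability.php
@@ -65,7 +65,7 @@ class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
  public function getTable() {
  $response = array('data' => $this->retrieveAllCaps());
 
- return json_encode($response);
+ return wp_json_encode($response);
  }
 
  /**
@@ -99,7 +99,7 @@ class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
  );
  }
 
- return json_encode($response);
+ return wp_json_encode($response);
  }
 
  /**
@@ -116,7 +116,7 @@ class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
  $roles = AAM_Core_API::getRoles();
  $subject = AAM_Backend_Subject::getInstance();
 
- if ($subject->getUID() == AAM_Core_Subject_Role::UID) {
+ if ($subject->getUID() === AAM_Core_Subject_Role::UID) {
  foreach($roles->role_objects as $role) {
  $role->remove_cap($capability);
  }
@@ -128,7 +128,7 @@ class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
  );
  }
 
- return json_encode($response);
+ return wp_json_encode($response);
  }
 
  /**
@@ -151,7 +151,7 @@ class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
 
  //allow to delete or update capability only for roles!
  if (AAM_Core_Config::get('core.settings.editCapabilities', false)
- && ($subject->getUID() == AAM_Core_Subject_Role::UID)) {
+ && ($subject->getUID() === AAM_Core_Subject_Role::UID)) {
  $actions[] = 'edit';
  $actions[] = 'delete';
  }
@@ -240,7 +240,7 @@ class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
  $response = array('status' => 'failure');
  }
 
- return json_encode($response);
+ return wp_json_encode($response);
  }
 
  /**
@@ -253,13 +253,13 @@ class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
  * @access protected
  */
  protected function getGroup($capability) {
- if (in_array($capability, self::$groups['system'])) {
+ if (in_array($capability, self::$groups['system'], true)) {
  $response = __('System', AAM_KEY);
- } elseif (in_array($capability, self::$groups['post'])) {
+ } elseif (in_array($capability, self::$groups['post'], true)) {
  $response = __('Posts & Pages', AAM_KEY);
- } elseif (in_array($capability, self::$groups['backend'])) {
+ } elseif (in_array($capability, self::$groups['backend'], true)) {
  $response = __('Backend', AAM_KEY);
- } elseif (in_array($capability, self::$groups['aam'])) {
+ } elseif (in_array($capability, self::$groups['aam'], true)) {
  $response = __('AAM Interface', AAM_KEY);
  } else {
  $response = __('Miscellaneous', AAM_KEY);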
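--- a/Application/Backend/Feature/Main/GetStarted.php
+++ b/Application/Backend/Feature/Main/GetStarted.php
@@ -0,0 +1,49 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ */
+
+ /**
+ * Backend Get Started manager
+ *
+ * @package AAM
+ * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ */
+ class AAM_Backend_Feature_Main_GetStarted extends AAM_Backend_Feature_Abstract {
+
+ /**
+ * @inheritdoc
+ */
+ public static function getTemplate() {
+ return 'main/get-started.phtml';
+ }
+
+ /**
+ * Register 404 redirect feature
+ *
+ * @return void
+ *
+ * @access public
+ */
+ public static function register() {
+ AAM_Backend_Feature::registerFeature((object) array(
+ 'uid' => 'get-started',
+ 'position' => 1,
+ 'title' => __('Get Started', AAM_KEY),
+ 'type' => 'main',
+ 'subjects' => array(
+ AAM_Core_Subject_Default::UID,
+ AAM_Core_Subject_Role::UID,
+ AAM_Core_Subject_User::UID,
+ AAM_Core_Subject_Visitor::UID
+ ),
+ 'option' => 'core.settings.getStarted',
+ 'view' => __CLASS__
+ ));
+ }
+
+ }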
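Review bot: The docblock on `register()` says "Register 404 redirect feature", which looks copied from another feature class and misdescribes this one; it should read `Register Get Started feature`. The class comment could also mention that the tab is tied to the `core.settings.getStarted` option named in the registration array, so a reader knows where it is switched off. No code change is proposed.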
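--- a/Application/Backend/Feature/Main/LoginRedirect.php
+++ b/Application/Backend/Feature/Main/LoginRedirect.php
@@ -22,7 +22,7 @@ class AAM_Backend_Feature_Main_LoginRedirect extends AAM_Backend_Feature_Abstrac
  public function isDefault() {
  $subject = AAM_Backend_Subject::getInstance()->getUID();
 
- return ($subject == AAM_Core_Subject_Default::UID);
+ return ($subject === AAM_Core_Subject_Default::UID);
  }
 
  /**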
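--- a/Application/Backend/Feature/Main/LogoutRedirect.php
+++ b/Application/Backend/Feature/Main/LogoutRedirect.php
@@ -22,7 +22,7 @@ class AAM_Backend_Feature_Main_LogoutRedirect extends AAM_Backend_Feature_Abstra
  public function isDefault() {
  $subject = AAM_Backend_Subject::getInstance();
 
- return ($subject->getUID() == 'default');
+ return ($subject->getUID() === 'default');
  }
 
  /**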
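Review bot: `isDefault()` at line 25 compares against the string literal `'default'`, while the same method in LoginRedirect.php uses the `AAM_Core_Subject_Default::UID` constant. With the comparison now strict, a literal that drifts from the constant would silently stop matching, so `return ($subject->getUID() === AAM_Core_Subject_Default::UID);` is the more robust spelling and keeps the two classes consistent.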
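--- a/Application/Backend/Feature/Main/Menu.php
+++ b/Application/Backend/Feature/Main/Menu.php
@@ -32,7 +32,7 @@ class AAM_Backend_Feature_Main_Menu extends AAM_Backend_Feature_Abstract {
 
  $object->save();
 
- return json_encode(array('status' => 'success'));
+ return wp_json_encode(array('status' => 'success'));
  }
 
  /**
@@ -112,7 +112,7 @@ class AAM_Backend_Feature_Main_Menu extends AAM_Backend_Feature_Abstract {
 
  $response = array();
  $subject = AAM_Backend_Subject::getInstance();
- $isDefault = ($subject->getUID() == AAM_Core_Subject_Default::UID);
+ $isDefault = ($subject->getUID() === AAM_Core_Subject_Default::UID);
 
  if (array_key_exists($menu, $submenu) && is_array($submenu[$menu])) {
  foreach ($submenu[$menu] as $item) {
@@ -142,7 +142,7 @@ class AAM_Backend_Feature_Main_Menu extends AAM_Backend_Feature_Abstract {
  * @access protected
  */
  protected function filterMenuName($name) {
- $filtered = trim(strip_tags($name));
+ $filtered = trim(wp_strip_all_tags($name));
 
  return preg_replace('/([\d]+)$/', '', $filtered);
  }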
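--- a/Application/Backend/Feature/Main/Metabox.php
+++ b/Application/Backend/Feature/Main/Metabox.php
@@ -23,65 +23,35 @@ class AAM_Backend_Feature_Main_Metabox extends AAM_Backend_Feature_Abstract {
  }
 
  /**
- *
+ *
  * @global type $wp_post_types
  * @return type
  */
- public function refreshList() {
+ public function prepareInitialization() {
  global $wp_post_types;
 
  AAM_Core_API::deleteOption('aam_metabox_cache');
- $type_list = array_keys($wp_post_types);
-
- //used to retrieve the list of all wigets on the frontend
- array_unshift($type_list, 'widgets');
-
- foreach ($type_list as $type) {
- if ($type == 'widgets') {
- $url = add_query_arg('init', 'metabox', admin_url('index.php'));
- } else {
- $url = add_query_arg(
+
+ $endpoints = array();
+
+ foreach (array_merge(array('widgets'), array_keys($wp_post_types)) as $type) {
+ if ($type === 'widgets') {
+ $endpoints[] = add_query_arg('init', 'metabox', admin_url('index.php'));
+ } elseif ($wp_post_types[$type]->show_ui) {
+ $endpoints[] = add_query_arg(
  'init', 'metabox', admin_url('post-new.php?post_type=' . $type)
  );
  }
-
- //grab metaboxes
- AAM_Core_API::cURL($this->addHttpPasswd($url));
  }
 
- return json_encode(array('status' => 'success'));
- }
-
- /**
- *
- * @global type $wp_post_types
- * @return type
- */
- public function initURL() {
- //grab metaboxes
- $url = $this->addHttpPasswd(AAM_Core_Request::post('url'));
- AAM_Core_API::cURL(add_query_arg('init', 'metabox', $url));
-
- return json_encode(array('status' => 'success'));
+ return wp_json_encode(
+ array(
+ 'status' => 'success',
+ 'endpoints' => $endpoints
+ )
+ );
  }
 
- /**
- *
- * @param type $url
- * @return type
- */
- protected function addHttpPasswd($url) {
- $htpasswd = AAM_Core_Config::get('feature.metabox.htpasswd');
-
- if (!empty($htpasswd['user']) && !empty($htpasswd['pass'])) {
- $url = preg_replace(
- '/^(http[s]?:\/\/)/', "$1{$htpasswd['user']}:{$htpasswd['pass']}@", $url
- );
- }
-
- return $url;
- }
-
  /**
  * Initialize metabox list
  *
@@ -132,7 +102,7 @@ class AAM_Backend_Feature_Main_Metabox extends AAM_Backend_Feature_Abstract {
 
  if (!is_null($callback)) { //exclude any junk
  $cache['widgets'][$callback] = array(
- 'title' => strip_tags($data['name']),
+ 'title' => wp_strip_all_tags($data['name']),
  'id' => $callback
  );
  }
@@ -170,7 +140,7 @@ class AAM_Backend_Feature_Main_Metabox extends AAM_Backend_Feature_Abstract {
  if (trim($data['id'])) { //exclude any junk
  $cache[$post_type][$data['id']] = array(
  'id' => $data['id'],
- 'title' => strip_tags($data['title'])
+ 'title' => wp_strip_all_tags($data['title'])
  );
  }
  }
@@ -192,7 +162,7 @@ class AAM_Backend_Feature_Main_Metabox extends AAM_Backend_Feature_Abstract {
  $subject = AAM_Backend_Subject::getInstance();
 
  //if visitor, return only frontend widgets
- if ($subject->getUID() == AAM_Core_Subject_Visitor::UID) {
+ if ($subject->getUID() === AAM_Core_Subject_Visitor::UID) {
  if (!empty($cache['widgets'])) {
  $response = array('widgets' => $cache['widgets']);
  } else {
@@ -204,7 +174,7 @@ class AAM_Backend_Feature_Main_Metabox extends AAM_Backend_Feature_Abstract {
 
  //filter non-existing metaboxes
  foreach(array_keys($response) as $id) {
- if (!in_array($id, array('dashboard', 'widgets'))
+ if (!in_array($id, array('dashboard', 'widgets'), true)
  && empty($wp_post_types[$id])) {
  unset($response[$id]);
  }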
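Review bot: `prepareInitialization()` deletes `aam_metabox_cache` at line 33 before the browser has visited any of the endpoints it returns, so a client-side run that is interrupted leaves the cache empty until someone repeats it. The docblock still carries the placeholder `@return type`; it should say that the method clears the cache and returns a JSON string with `status` and `endpoints`, the admin URLs the client is expected to load with `init=metabox`. Whether the caller enforces a nonce and a capability check before this state-changing action runs is not visible in the hunk and is worth confirming, since the method is public.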
Application/Backend/Feature/Main/Post.php CHANGED
@@ -79,18 +79,35 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
79
  $all = AAM_Core_Config::get('core.settings.manageHiddenPostTypes', false);
80
 
81
  foreach (get_post_types(array(), 'objects') as $type) {
82
- if (($all || $type->public)
83
  && (empty($s) || stripos($type->labels->name, $s) !== false)) {
84
- $filtered[] = $type;
85
  }
86
  }
87
 
 
 
88
  return (object) array(
89
  'total' => count($list),
90
  'filtered' => count($filtered),
91
  'records' => array_slice($filtered, $start, $length)
92
  );
93
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
94
 
95
  /**
96
  * Get post type children
@@ -156,10 +173,10 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
156
  array(
157
  'link' => false,
158
  'format' => 'name',
159
- 'separator' => ' &raquo; ',
160
  'inclusive' => false
161
  )
162
- ), ' &raquo; '),
163
  apply_filters(
164
  'aam-term-override-status',
165
  false,
@@ -190,10 +207,10 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
190
  //first retrieve all hierarchical terms that belong to Post Type
191
  if ($paging['terms']) {
192
  $list = $this->retrieveTermList(
193
- $this->getTypeTaxonomies($type),
194
- $s,
195
- $paging['term_offset'],
196
- $paging['terms']
197
  );
198
  }
199
 
@@ -202,7 +219,7 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
202
  $list = array_merge(
203
  $list,
204
  $this->retrievePostList(
205
- $type, $s, $paging['post_offset'], $paging['posts']
206
  )
207
  );
208
  }
@@ -287,7 +304,7 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
287
  protected function getPostCount($type, $search) {
288
  global $wpdb;
289
 
290
- $query = "SELECT COUNT( * ) AS total FROM {$wpdb->posts} ";
291
  $query .= "WHERE (post_type = %s) AND (post_title LIKE %s)";
292
 
293
  $args = array($type, "{$search}%");
@@ -316,7 +333,8 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
316
  'search' => $search,
317
  'taxonomy' => $taxonomies,
318
  'offset' => $offset,
319
- 'number' => $limit
 
320
  );
321
 
322
  return get_terms($args);
@@ -332,13 +350,16 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
332
  */
333
  protected function retrievePostList($type, $search, $offset, $limit) {
334
  return get_posts(array(
335
- 'post_type' => $type,
336
- 'category' => 0,
337
- 's' => $search,
338
- 'offset' => $offset,
339
- 'numberposts' => $limit,
340
- 'post_status' => 'any',
341
- 'fields' => 'all'
 
 
 
342
  ));
343
  }
344
 
@@ -354,7 +375,7 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
354
  protected function wrapTable($response) {
355
  $response['draw'] = AAM_Core_Request::request('draw');
356
 
357
- return json_encode($response);
358
  }
359
 
360
  /**
@@ -373,16 +394,12 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
373
  //prepare the response object
374
  if (is_a($object, 'AAM_Core_Object')) {
375
  foreach($object->getOption() as $key => $value) {
376
- if (is_bool($value) || in_array($value, array('0', '1'))) {
377
- $access[$key] = ($value ? 1 : 0); //TODO - to support legacy
378
- } else {
379
- $access[$key] = $value;
380
- }
381
  }
382
  $metadata = array('overwritten' => $object->isOverwritten());
383
  }
384
 
385
- return json_encode(array(
386
  'access' => $access,
387
  'meta' => $metadata,
388
  'preview' => $this->preparePreviewValues($access)
@@ -413,7 +430,7 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
413
  protected function getPreviewValue($option, $val) {
414
  switch($option) {
415
  case 'frontend.teaser':
416
- $str = strip_tags($val);
417
  if (function_exists('mb_strlen')) {
418
  $preview = (mb_strlen($str) > 25 ? mb_substr($str, 0, 22) . '...' : $str);
419
  } else {
@@ -424,11 +441,11 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
424
  case 'frontend.location':
425
  if (!empty($val)) {
426
  $chunks = explode('|', $val);
427
- if ($chunks[0] == 'page') {
428
  $preview = __('Existing Page', AAM_KEY);
429
- } elseif ($chunks[0] == 'url') {
430
  $preview = __('Valid URL', AAM_KEY);
431
- } elseif ($chunks[0] == 'callback') {
432
  $preview = __('Custom Callback', AAM_KEY);
433
  }
434
  }
@@ -465,7 +482,7 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
465
 
466
  $result = $subject->save($param, $value, $object, $id);
467
 
468
- return json_encode(array(
469
  'status' => ($result ? 'success' : 'failure'),
470
  'value' => $value,
471
  'preview' => $this->getPreviewValue($param, $value)
@@ -492,7 +509,7 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
492
  $result = false;
493
  }
494
 
495
- return json_encode(array('status' => ($result ? 'success' : 'failure')));
496
  }
497
 
498
  /**
@@ -522,7 +539,7 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
522
 
523
  $filtered = array();
524
  foreach($list as $option => $data) {
525
- $add = empty($data['exclude']) || !in_array($subject, $data['exclude']);
526
 
527
  if ($add) {
528
  $add = empty($data['config']) || AAM_Core_Config::get($data['config'], true);
@@ -543,9 +560,7 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
543
  */
544
  public static function renderAccessForm() {
545
  ob_start();
546
- require_once(
547
- AAM_BASEDIR . '/Application/Backend/phtml/partial/post-access-form.phtml'
548
- );
549
  $content = ob_get_contents();
550
  ob_end_clean();
551
 
@@ -594,7 +609,7 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
594
  AAM_Core_Subject_Visitor::UID,
595
  AAM_Core_Subject_Default::UID
596
  ),
597
- 'option' => 'core.settings.backendAccessControl,core.settings.frontendAccessControl',
598
  'view' => __CLASS__
599
  ));
600
  }
79
  $all = AAM_Core_Config::get('core.settings.manageHiddenPostTypes', false);
80
 
81
  foreach (get_post_types(array(), 'objects') as $type) {
82
+ if (($all || $type->show_ui)
83
  && (empty($s) || stripos($type->labels->name, $s) !== false)) {
84
+ $filtered[$type->label] = $type;
85
  }
86
  }
87
 
88
+ $this->getOrderDirection() === 'ASC' ? ksort($filtered) : krsort($filtered);
89
+
90
  return (object) array(
91
  'total' => count($list),
92
  'filtered' => count($filtered),
93
  'records' => array_slice($filtered, $start, $length)
94
  );
95
  }
96
+
97
+ /**
98
+ *
99
+ * @return type
100
+ */
101
+ protected function getOrderDirection() {
102
+ $dir = 'asc';
103
+ $order = AAM_Core_Request::post('order.0');
104
+
105
+ if (!empty($order['column']) && ($order['column'] === '3')) {
106
+ $dir = !empty($order['dir']) ? $order['dir'] : 'asc';
107
+ }
108
+
109
+ return strtoupper($dir);
110
+ }
111
 
112
  /**
113
  * Get post type children
173
  array(
174
  'link' => false,
175
  'format' => 'name',
176
+ 'separator' => '/',
177
  'inclusive' => false
178
  )
179
+ ), '/'),
180
  apply_filters(
181
  'aam-term-override-status',
182
  false,
207
  //first retrieve all hierarchical terms that belong to Post Type
208
  if ($paging['terms']) {
209
  $list = $this->retrieveTermList(
210
+ $this->getTypeTaxonomies($type),
211
+ $s,
212
+ $paging['term_offset'],
213
+ $paging['terms']
214
  );
215
  }
216
 
219
  $list = array_merge(
220
  $list,
221
  $this->retrievePostList(
222
+ $type, $s, $paging['post_offset'], $paging['posts']
223
  )
224
  );
225
  }
304
  protected function getPostCount($type, $search) {
305
  global $wpdb;
306
 
307
+ $query = "SELECT COUNT(*) AS total FROM {$wpdb->posts} ";
308
  $query .= "WHERE (post_type = %s) AND (post_title LIKE %s)";
309
 
310
  $args = array($type, "{$search}%");
333
  'search' => $search,
334
  'taxonomy' => $taxonomies,
335
  'offset' => $offset,
336
+ 'number' => $limit,
337
+ 'order' => $this->getOrderDirection()
338
  );
339
 
340
  return get_terms($args);
350
  */
351
  protected function retrievePostList($type, $search, $offset, $limit) {
352
  return get_posts(array(
353
+ 'post_type' => $type,
354
+ 'category' => 0,
355
+ 's' => $search,
356
+ 'suppress_filters' => true,
357
+ 'offset' => $offset,
358
+ 'numberposts' => $limit,
359
+ 'orderby' => 'title',
360
+ 'order' => $this->getOrderDirection(),
361
+ 'post_status' => 'any',
362
+ 'fields' => 'all'
363
  ));
364
  }
365
 
375
  protected function wrapTable($response) {
376
  $response['draw'] = AAM_Core_Request::request('draw');
377
 
378
+ return wp_json_encode($response);
379
  }
380
 
381
  /**
394
  //prepare the response object
395
  if (is_a($object, 'AAM_Core_Object')) {
396
  foreach($object->getOption() as $key => $value) {
397
+ $access[$key] = in_array($value, array(1, '1', true, "true"), true);
 
 
 
 
398
  }
399
  $metadata = array('overwritten' => $object->isOverwritten());
400
  }
401
 
402
+ return wp_json_encode(array(
403
  'access' => $access,
404
  'meta' => $metadata,
405
  'preview' => $this->preparePreviewValues($access)
430
  protected function getPreviewValue($option, $val) {
431
  switch($option) {
432
  case 'frontend.teaser':
433
+ $str = wp_strip_all_tags($val);
434
  if (function_exists('mb_strlen')) {
435
  $preview = (mb_strlen($str) > 25 ? mb_substr($str, 0, 22) . '...' : $str);
436
  } else {
441
  case 'frontend.location':
442
  if (!empty($val)) {
443
  $chunks = explode('|', $val);
444
+ if ($chunks[0] === 'page') {
445
  $preview = __('Existing Page', AAM_KEY);
446
+ } elseif ($chunks[0] === 'url') {
447
  $preview = __('Valid URL', AAM_KEY);
448
+ } elseif ($chunks[0] === 'callback') {
449
  $preview = __('Custom Callback', AAM_KEY);
450
  }
451
  }
482
 
483
  $result = $subject->save($param, $value, $object, $id);
484
 
485
+ return wp_json_encode(array(
486
  'status' => ($result ? 'success' : 'failure'),
487
  'value' => $value,
488
  'preview' => $this->getPreviewValue($param, $value)
509
  $result = false;
510
  }
511
 
512
+ return wp_json_encode(array('status' => ($result ? 'success' : 'failure')));
513
  }
514
 
515
  /**
539
 
540
  $filtered = array();
541
  foreach($list as $option => $data) {
542
+ $add = empty($data['exclude']) || !in_array($subject, $data['exclude'], true);
543
 
544
  if ($add) {
545
  $add = empty($data['config']) || AAM_Core_Config::get($data['config'], true);
560
  */
561
  public static function renderAccessForm() {
562
  ob_start();
563
+ require_once AAM_BASEDIR . '/Application/Backend/phtml/partial/post-access-form.phtml';
 
 
564
  $content = ob_get_contents();
565
  ob_end_clean();
566
 
609
  AAM_Core_Subject_Visitor::UID,
610
  AAM_Core_Subject_Default::UID
611
  ),
612
+ 'option' => 'core.settings.backendAccessControl,core.settings.frontendAccessControl,core.settings.apiAccessControl',
613
  'view' => __CLASS__
614
  ));
615
  }
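--- a/Application/Backend/Feature/Main/Redirect.php
+++ b/Application/Backend/Feature/Main/Redirect.php
@@ -22,7 +22,7 @@ class AAM_Backend_Feature_Main_Redirect extends AAM_Backend_Feature_Abstract {
  public function isDefault() {
  $subject = AAM_Backend_Subject::getInstance();
 
- return $subject->getUID() == AAM_Core_Subject_Default::UID;
+ return $subject->getUID() === AAM_Core_Subject_Default::UID;
  }
 
  /**
@@ -32,7 +32,7 @@ class AAM_Backend_Feature_Main_Redirect extends AAM_Backend_Feature_Abstract {
  public function isVisitor() {
  $subject = AAM_Backend_Subject::getInstance();
 
- return $subject->getUID() == AAM_Core_Subject_Visitor::UID;
+ return $subject->getUID() === AAM_Core_Subject_Visitor::UID;
  }
 
  /**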
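--- a/Application/Backend/Feature/Main/Route.php
+++ b/Application/Backend/Feature/Main/Route.php
@@ -22,7 +22,7 @@ class AAM_Backend_Feature_Main_Route extends AAM_Backend_Feature_Abstract {
  public function getTable() {
  $response = array('data' => $this->retrieveAllRoutes());
 
- return json_encode($response);
+ return wp_json_encode($response);
  }
 
  /**
@@ -39,7 +39,7 @@ class AAM_Backend_Feature_Main_Route extends AAM_Backend_Feature_Abstract {
 
  $object->save($type, $route, $method, $value);
 
- return json_encode(array('status' => 'success'));
+ return wp_json_encode(array('status' => 'success'));
  }
 
  /**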
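--- a/Application/Backend/Feature/Main/Toolbar.php
+++ b/Application/Backend/Feature/Main/Toolbar.php
@@ -32,7 +32,7 @@ class AAM_Backend_Feature_Main_Toolbar extends AAM_Backend_Feature_Abstract {
 
  $object->save();
 
- return json_encode(array('status' => 'success'));
+ return wp_json_encode(array('status' => 'success'));
  }
 
  /**
@@ -59,7 +59,7 @@ class AAM_Backend_Feature_Main_Toolbar extends AAM_Backend_Feature_Abstract {
  $children = array();
 
  foreach($branch->children as $child) {
- if (empty($child->type) || !in_array($child->type, array('container', 'group'))) {
+ if (empty($child->type) || !in_array($child->type, array('container', 'group'), true)) {
  $children[] = $child;
  }
  if(!empty($child->children)) {
@@ -81,45 +81,12 @@ class AAM_Backend_Feature_Main_Toolbar extends AAM_Backend_Feature_Abstract {
  preg_replace(
  '/[\d]/',
  '',
- strip_tags(!empty($node->title) ? $node->title : $node->id)
+ wp_strip_all_tags(!empty($node->title) ? $node->title : $node->id)
  )
  )
  );
  }
 
- /**
- *
- * @return type
- */
- public function refreshList() {
- // reset cache
- AAM_Core_API::deleteOption('aam_toolbar_cache');
-
- //grab toolbar itesm
- AAM_Core_API::cURL($this->addHttpPasswd(
- add_query_arg('init', 'toolbar', admin_url('index.php')))
- );
-
- return json_encode(array('status' => 'success'));
- }
-
- /**
- *
- * @param type $url
- * @return type
- */
- protected function addHttpPasswd($url) {
- $htpasswd = AAM_Core_Config::get('feature.toolbar.htpasswd');
-
- if (!empty($htpasswd['user']) && !empty($htpasswd['pass'])) {
- $url = preg_replace(
- '/^(http[s]?:\/\/)/', "$1{$htpasswd['user']}:{$htpasswd['pass']}@", $url
- );
- }
-
- return $url;
- }
-
  /**
  * @inheritdoc
  */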
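Review bot: With refreshList() and addHttpPasswd() removed, nothing left in this file reads the `feature.toolbar.htpasswd` setting, but sites upgraded from 5.4.2 may still have basic-auth credentials stored under that key. Consider removing the entry during the upgrade, or telling administrators in the release notes to delete it, so that an unused secret does not stay in the plugin configuration. Whether other files still read this key cannot be told from this section.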
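--- a/Application/Backend/Feature/Settings/Core.php
+++ b/Application/Backend/Feature/Settings/Core.php
@@ -28,6 +28,11 @@ class AAM_Backend_Feature_Settings_Core extends AAM_Backend_Feature_Abstract {
  */
  protected function getList() {
  $settings = array(
+ 'core.settings.getStarted' => array(
+ 'title' => __('Get Started Tab', AAM_KEY),
+ 'descr' => __('Display the "Get Started" feature on the Main panel. You can disable this feature to remove the extra tab when you get familiar with core access control concepts.', AAM_KEY),
+ 'value' => AAM_Core_Config::get('core.settings.getStarted', true)
+ ),
  'core.settings.editCapabilities' => array(
  'title' => __('Edit/Delete Capabilities', AAM_KEY),
  'descr' => AAM_Backend_View_Helper::preparePhrase('Allow to edit or delete any existing capability on the Capabilities tab. [Warning!] For experienced users only. Changing or deleting capability may result in loosing access to some features or even the entire website.', 'b'),
@@ -77,6 +82,16 @@ class AAM_Backend_Feature_Settings_Core extends AAM_Backend_Feature_Abstract {
  'title' => __('JWT Authentication', AAM_KEY),
  'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('[Note!] PHP 5.4 or higher is required for this feature. Enable the ability to authenticate user with WordPress RESTful API and JWT token. For more information, check %sHow to authenticate WordPress user with JWT token%s article', 'b'), '<a href="https://aamplugin.com/help/how-to-authenticate-wordpress-user-with-jwt-token">', '</a>'),
  'value' => AAM_Core_Config::get('core.settings.jwtAuthentication', false)
+ ),
+ 'core.settings.extensionSupport' => array(
+ 'title' => __('Support AAM Extensions', AAM_KEY),
+ 'descr' => __('AAM comes with the limited list of premium and free extensions that significantly enhance AAM behavior. You can disable support for AAM extension and any already installed extension will no longer be loaded during the website execution as well as website administrator will not be able to install new extensions.', AAM_KEY),
+ 'value' => AAM_Core_Config::get('core.settings.extensionSupport', true)
+ ),
+ 'core.settings.cron' => array(
+ 'title' => __('AAM Cron Job', AAM_KEY),
+ 'descr' => __('AAM cron job executes periodically (typically once a day) to check for available updates for already installed extensions. Cron job is not executed if there are no installed extensions.', AAM_KEY),
+ 'value' => AAM_Core_Config::get('core.settings.cron', true)
  )
  );
 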
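--- a/Application/Backend/Feature/Settings/Manager.php
+++ b/Application/Backend/Feature/Settings/Manager.php
@@ -28,7 +28,7 @@ class AAM_Backend_Feature_Settings_Manager extends AAM_Backend_Feature_Abstract
 
  AAM_Core_Config::set($param, $value);
 
- return json_encode(array('status' => 'success'));
+ return wp_json_encode(array('status' => 'success'));
  }
 
  /**
@@ -43,7 +43,7 @@ class AAM_Backend_Feature_Settings_Manager extends AAM_Backend_Feature_Abstract
 
  AAM_Core_Config::delete($param);
 
- return json_encode(array('status' => 'success'));
+ return wp_json_encode(array('status' => 'success'));
  }
 
  }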
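--- a/Application/Backend/Feature/Settings/Tools.php
+++ b/Application/Backend/Feature/Settings/Tools.php
@@ -31,9 +31,9 @@ class AAM_Backend_Feature_Settings_Tools extends AAM_Backend_Feature_Abstract {
  'feature.export', array('system' => 'roles,utilities,configpress')
  ));
 
- return json_encode(array(
+ return wp_json_encode(array(
  'status' => 'success',
- 'content' => base64_encode(json_encode($exporter->run()))
+ 'content' => base64_encode(wp_json_encode($exporter->run()))
  ));
  }
 
@@ -44,7 +44,7 @@ class AAM_Backend_Feature_Settings_Tools extends AAM_Backend_Feature_Abstract {
  public function import() {
  $importer = new AAM_Core_Importer(filter_input(INPUT_POST, 'json'));
 
- return json_encode(array('status' => $importer->run()));
+ return wp_json_encode($importer->run());
  }
 
  /**
@@ -59,7 +59,7 @@ class AAM_Backend_Feature_Settings_Tools extends AAM_Backend_Feature_Abstract {
  public function clear() {
  AAM_Core_API::clearSettings();
 
- return json_encode(array('status' => 'success'));
+ return wp_json_encode(array('status' => 'success'));
  }
 
  /**
@@ -69,7 +69,7 @@ class AAM_Backend_Feature_Settings_Tools extends AAM_Backend_Feature_Abstract {
  public function clearCache() {
  AAM_Core_API::clearCache();
 
- return json_encode(array('status' => 'success'));
+ return wp_json_encode(array('status' => 'success'));
  }
 
  /**
@@ -81,12 +81,12 @@ class AAM_Backend_Feature_Settings_Tools extends AAM_Backend_Feature_Abstract {
  */
  public static function register() {
  AAM_Backend_Feature::registerFeature((object) array(
- 'uid' => 'settings-tools',
- 'position' => 10,
- 'title' => __('Tools', AAM_KEY),
+ 'uid' => 'settings-tools',
+ 'position' => 10,
+ 'title' => __('Tools', AAM_KEY),
  'capability' => 'aam_manage_settings',
- 'type' => 'settings',
- 'view' => __CLASS__
+ 'type' => 'settings',
+ 'view' => __CLASS__
  ));
  }
 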
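--- a/Application/Backend/Feature/Subject/Role.php
+++ b/Application/Backend/Feature/Subject/Role.php
@@ -64,7 +64,7 @@ class AAM_Backend_Feature_Subject_Role {
  );
  }
 
- return json_encode(apply_filters('aam-get-role-list-filter', $response));
+ return wp_json_encode(apply_filters('aam-get-role-list-filter', $response));
  }
 
  /**
@@ -94,7 +94,7 @@ class AAM_Backend_Feature_Subject_Role {
  * @return string
  */
  public function getList(){
- return json_encode(
+ return wp_json_encode(
  apply_filters('aam-get-role-list-filter', $this->fetchRoleList())
  );
  }
@@ -116,7 +116,7 @@ class AAM_Backend_Feature_Subject_Role {
 
  foreach ($roles as $id => $role) {
  $match = preg_match('/^' . $search . '/i', $role['name']);
- if (($exclude != $id) && (!$search || $match)) {
+ if (($exclude !== $id) && (!$search || $match)) {
  $response[$id] = $role;
  }
  }
@@ -169,7 +169,7 @@ class AAM_Backend_Feature_Subject_Role {
  }
  }
 
- return json_encode($response);
+ return wp_json_encode($response);
  }
 
  /**
@@ -234,7 +234,7 @@ class AAM_Backend_Feature_Subject_Role {
  $response = array('status' => 'failure');
  }
 
- return json_encode($response);
+ return wp_json_encode($response);
  }
 
  /**
@@ -253,7 +253,7 @@ class AAM_Backend_Feature_Subject_Role {
  }
  }
 
- return json_encode(array('status' => $status));
+ return wp_json_encode(array('status' => $status));
  }
 
  }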
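Review bot: In the role-search loop of the third hunk, `$search` is concatenated into the pattern unquoted, so a value containing regex metacharacters or a `/` changes the expression or makes preg_match() fail with a warning; the commit tightens the comparison on the next line but leaves this untouched. Quote the value before building the pattern: `$match = preg_match('/^' . preg_quote($search, '/') . '/i', $role['name']);`. Separately, `$exclude !== $id` is now type-sensitive, and PHP turns numeric-looking array keys into integers, so a role keyed by a numeric slug would no longer match a string `$exclude`. Where `$search` and `$exclude` are read is outside the hunk, as are the start and end of the enclosing method, so their types need confirming.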
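--- a/Application/Backend/Feature/Subject/User.php
+++ b/Application/Backend/Feature/Subject/User.php
@@ -47,7 +47,7 @@ class AAM_Backend_Feature_Subject_User {
  }
  }
 
- return json_encode($response);
+ return wp_json_encode($response);
  }
 
  /**
@@ -79,7 +79,7 @@ class AAM_Backend_Feature_Subject_User {
  }
  }
 
- return json_encode($response);
+ return wp_json_encode($response);
  }
 
  /**
@@ -136,7 +136,7 @@ class AAM_Backend_Feature_Subject_User {
  }
  }
 
- return json_encode(array('status' => ($result ? 'success' : 'failure')));
+ return wp_json_encode(array('status' => ($result ? 'success' : 'failure')));
  }
 
  /**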
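--- a/Application/Backend/Filter.php
+++ b/Application/Backend/Filter.php
@@ -102,14 +102,13 @@ class AAM_Backend_Filter {
  //make sure that nobody is playing with screen options
  if (is_a($post, 'WP_Post')) {
  $screen = $post->post_type;
- } elseif ($screen_object = get_current_screen()) {
- $screen = $screen_object->id;
  } else {
- $screen = '';
+ $screen_object = get_current_screen();
+ $screen = ($screen_object ? $screen_object->id : '');
  }
 
- if (AAM_Core_Request::get('init') != 'metabox') {
- if ($screen != 'widgets') {
+ if (AAM_Core_Request::get('init') !== 'metabox') {
+ if ($screen !== 'widgets') {
  AAM::getUser()->getObject('metabox')->filterBackend($screen);
  } else {
  AAM::getUser()->getObject('metabox')->filterAppearanceWidgets();
@@ -188,7 +187,7 @@ class AAM_Backend_Filter {
  protected function isAllowed($action, $object) {
  $edit = $object->has($action);
  $others = $object->has("{$action}_others");
- $author = ($object->post_author == get_current_user_id());
+ $author = ($object->post_author === get_current_user_id());
 
  return ($edit || ($others && !$author)) ? false : true;
  }
@@ -233,7 +232,7 @@ class AAM_Backend_Filter {
  public function prePostUpdate($id, $data) {
  $post = get_post($id);
 
- if ($post->post_author != $data['post_author']) {
+ if ($post->post_author !== intval($data['post_author'])) {
  AAM_Core_API::clearCache();
  }
  }
@@ -254,7 +253,7 @@ class AAM_Backend_Filter {
  $roleLevel = AAM_Core_API::maxLevel($role['capabilities']);
  if ($userLevel < $roleLevel) {
  unset($roles[$id]);
- } elseif ($userLevel == $roleLevel && $this->filterSameLevel()) {
+ } elseif ($userLevel === $roleLevel && $this->filterSameLevel()) {
  unset($roles[$id]);
  }
  }
@@ -298,7 +297,7 @@ class AAM_Backend_Filter {
  $roleMax = AAM_Core_API::maxLevel($role->capabilities);
  if ($roleMax > $max ) {
  $exclude[] = $id;
- } elseif ($roleMax == $max && $this->filterSameLevel()) {
+ } elseif ($roleMax === $max && $this->filterSameLevel()) {
  $exclude[] = $id;
  }
  }
@@ -324,7 +323,7 @@ class AAM_Backend_Filter {
  if (isset($views[$id])) {
  if ($roleMax > $max) {
  unset($views[$id]);
- } elseif ($roleMax == $max && $this->filterSameLevel()) {
+ } elseif ($roleMax === $max && $this->filterSameLevel()) {
  unset($views[$id]);
  }
  }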
@@ -108,7 +108,7 @@ class AAM_Backend_Manager {
108
  add_action('admin_init', array($this, 'adminInit'));
109
 
110
  //admin toolbar
111
- if (filter_input(INPUT_GET, 'init') == 'toolbar') {
112
  add_action('wp_after_admin_bar_render', array($this, 'adminBar'));
113
  }
114
 
@@ -125,7 +125,7 @@ class AAM_Backend_Manager {
125
 
126
  AAM_Extension_Repository::getInstance()->hasUpdates();
127
 
128
- if (version_compare(PHP_VERSION, '5.3.0') == -1) {
129
  AAM_Core_Console::add(
130
  'AAM requires PHP version 5.3.0 or higher to function properly'
131
  );
@@ -139,7 +139,7 @@ class AAM_Backend_Manager {
139
  * @return type
140
  */
141
  public function mapMetaCap($caps, $cap) {
142
- if (in_array($cap, AAM_Backend_Feature_Main_Capability::$groups['aam'])) {
143
  if (!AAM_Core_API::capabilityExists($cap)) {
144
  $caps = array(AAM_Core_Config::get('page.capability', 'administrator'));
145
  }
@@ -178,7 +178,7 @@ class AAM_Backend_Manager {
178
  $user = get_user_by('ID', $id);
179
 
180
  //role changed?
181
- if (implode('', $user->roles) != implode('', $old->roles)) {
182
  AAM_Core_API::clearCache(new AAM_Core_Subject_User($id));
183
 
184
  //check if role has expiration data set
@@ -256,7 +256,7 @@ class AAM_Backend_Manager {
256
  public function handleLogin() {
257
  $login = AAM_Core_Login::getInstance();
258
 
259
- echo json_encode($login->execute());
260
  exit;
261
  }
262
 
@@ -326,7 +326,7 @@ class AAM_Backend_Manager {
326
  *
327
  */
328
  protected function checkUserSwitch() {
329
- if (AAM_Core_Request::get('action') == 'aam-switch-back') {
330
  $current = get_current_user_id();
331
  $uid = AAM_Core_API::getOption('aam-user-switch-' . $current);
332
  $redirect = admin_url('admin.php?page=aam&user=' . $current);
@@ -360,11 +360,9 @@ class AAM_Backend_Manager {
360
  'index.php?action=aam-switch-back', 'aam-switch-' . $uid
361
  );
362
 
363
- $style = 'padding: 10px; font-weight: 700; letter-spacing:0.5px;';
364
-
365
  echo '<div class="updated notice">';
366
- echo '<p style="' . $style . '">';
367
- echo sprintf('Switch back to <a href="%s">%s</a>.', $url, $name);
368
  echo '</p></div>';
369
  }
370
  }
@@ -411,7 +409,7 @@ class AAM_Backend_Manager {
411
 
412
  // do some cleanup
413
  foreach($cache as $i => $node) {
414
- if ($node->id == 'menu-toggle') {
415
  unset($cache[$i]);
416
  }
417
  }
@@ -458,14 +456,13 @@ class AAM_Backend_Manager {
458
  public function initMetaboxes() {
459
  global $post;
460
 
461
- if (AAM_Core_Request::get('init') == 'metabox') {
462
  //make sure that nobody is playing with screen options
463
  if (is_a($post, 'WP_Post')) {
464
  $screen = $post->post_type;
465
- } elseif ($screen_object = get_current_screen()) {
466
- $screen = $screen_object->id;
467
  } else {
468
- $screen = '';
 
469
  }
470
 
471
  $model = new AAM_Backend_Feature_Main_Metabox;
@@ -591,8 +588,8 @@ class AAM_Backend_Manager {
591
  $subject = AAM_Backend_Subject::getInstance();
592
 
593
  $locals = array(
594
- 'nonce' => wp_create_nonce('aam_ajax'),
595
- 'ajaxurl' => admin_url('admin-ajax.php'),
596
  'url' => array(
597
  'site' => admin_url('index.php'),
598
  'editUser' => admin_url('user-edit.php'),
108
  add_action('admin_init', array($this, 'adminInit'));
109
 
110
  //admin toolbar
111
+ if (filter_input(INPUT_GET, 'init') === 'toolbar') {
112
  add_action('wp_after_admin_bar_render', array($this, 'adminBar'));
113
  }
114
 
125
 
126
  AAM_Extension_Repository::getInstance()->hasUpdates();
127
 
128
+ if (version_compare(PHP_VERSION, '5.3.0') === -1) {
129
  AAM_Core_Console::add(
130
  'AAM requires PHP version 5.3.0 or higher to function properly'
131
  );
139
  * @return type
140
  */
141
  public function mapMetaCap($caps, $cap) {
142
+ if (in_array($cap, AAM_Backend_Feature_Main_Capability::$groups['aam'], true)) {
143
  if (!AAM_Core_API::capabilityExists($cap)) {
144
  $caps = array(AAM_Core_Config::get('page.capability', 'administrator'));
145
  }
178
  $user = get_user_by('ID', $id);
179
 
180
  //role changed?
181
+ if (implode('', $user->roles) !== implode('', $old->roles)) {
182
  AAM_Core_API::clearCache(new AAM_Core_Subject_User($id));
183
 
184
  //check if role has expiration data set
256
  public function handleLogin() {
257
  $login = AAM_Core_Login::getInstance();
258
 
259
+ echo wp_json_encode($login->execute());
260
  exit;
261
  }
262
 
326
  *
327
  */
328
  protected function checkUserSwitch() {
329
+ if (AAM_Core_Request::get('action') === 'aam-switch-back') {
330
  $current = get_current_user_id();
331
  $uid = AAM_Core_API::getOption('aam-user-switch-' . $current);
332
  $redirect = admin_url('admin.php?page=aam&user=' . $current);
360
  'index.php?action=aam-switch-back', 'aam-switch-' . $uid
361
  );
362
 
 
 
363
  echo '<div class="updated notice">';
364
+ echo '<p style="padding: 10px; font-weight: 700; letter-spacing:0.5px;">';
365
+ echo sprintf('Switch back to <a href="%s">%s</a>.', $url, esc_js($name));
366
  echo '</p></div>';
367
  }
368
  }
409
 
410
  // do some cleanup
411
  foreach($cache as $i => $node) {
412
+ if ($node->id === 'menu-toggle') {
413
  unset($cache[$i]);
414
  }
415
  }
456
  public function initMetaboxes() {
457
  global $post;
458
 
459
+ if (AAM_Core_Request::get('init') === 'metabox') {
460
  //make sure that nobody is playing with screen options
461
  if (is_a($post, 'WP_Post')) {
462
  $screen = $post->post_type;
 
 
463
  } else {
464
+ $screen_object = get_current_screen();
465
+ $screen = ($screen_object ? $screen_object->id : '');
466
  }
467
 
468
  $model = new AAM_Backend_Feature_Main_Metabox;
588
  $subject = AAM_Backend_Subject::getInstance();
589
 
590
  $locals = array(
591
+ 'nonce' => wp_create_nonce('aam_ajax'),
592
+ 'ajaxurl' => admin_url('admin-ajax.php'),
593
  'url' => array(
594
  'site' => admin_url('index.php'),
595
  'editUser' => admin_url('user-edit.php'),
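Review bot: In the switch-back notice (the hunk that drops `$style`), `esc_js($name)` is the escaper for values placed inside inline JavaScript strings, but here the value is printed as HTML link text, so the escaping function does not match the output context. Use the HTML escaper and escape the link target at the point of output: `echo sprintf('Switch back to <a href="%s">%s</a>.', esc_url($url), esc_html($name));`. How `$url` and `$name` are built is only partly visible, so check that `$url` is not already encoded in a way that a second pass would alter. The enclosing method starts outside the hunk.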
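--- a/Application/Backend/View.php
+++ b/Application/Backend/View.php
@@ -33,6 +33,7 @@ class AAM_Backend_View {
  */
  protected function __construct() {
  //register default features
+ AAM_Backend_Feature_Main_GetStarted::register();
  AAM_Backend_Feature_Main_Menu::register();
  AAM_Backend_Feature_Main_Toolbar::register();
  AAM_Backend_Feature_Main_Metabox::register();
@@ -63,7 +64,7 @@ class AAM_Backend_View {
  */
  public function renderPage() {
  ob_start();
- require_once(dirname(__FILE__) . '/phtml/index.phtml');
+ require_once dirname(__FILE__) . '/phtml/index.phtml';
  $content = ob_get_contents();
  ob_end_clean();
 
@@ -79,7 +80,7 @@ class AAM_Backend_View {
  */
  public function renderAccessFrame() {
  ob_start();
- require_once(dirname(__FILE__) . '/phtml/metabox/metabox-content.phtml');
+ require_once dirname(__FILE__) . '/phtml/metabox/metabox-content.phtml';
  $content = ob_get_contents();
  ob_end_clean();
 
@@ -93,7 +94,7 @@ class AAM_Backend_View {
  */
  public function renderPostMetabox($post) {
  ob_start();
- require_once(dirname(__FILE__) . '/phtml/metabox/post-metabox.phtml');
+ require_once dirname(__FILE__) . '/phtml/metabox/post-metabox.phtml';
  $content = ob_get_contents();
  ob_end_clean();
 
@@ -107,7 +108,7 @@ class AAM_Backend_View {
  */
  public function renderTermMetabox($term) {
  ob_start();
- require_once(dirname(__FILE__) . '/phtml/metabox/term-metabox.phtml');
+ require_once dirname(__FILE__) . '/phtml/metabox/term-metabox.phtml';
  $content = ob_get_contents();
  ob_end_clean();
 
@@ -129,7 +130,7 @@ class AAM_Backend_View {
 
  if (method_exists($this, $parts[0])) {
  $response = call_user_func(array($this, $parts[0]));
- } elseif (count($parts) == 2) { //cover the Model.method pattern
+ } elseif (count($parts) === 2) { //cover the Model.method pattern
  try {
  $classname = 'AAM_Backend_Feature_' . $parts[0];
  if (class_exists($classname)) {
@@ -162,12 +163,12 @@ class AAM_Backend_View {
 
  if (is_null($content)) {
  ob_start();
- if ($type == 'extensions') {
+ if ($type === 'extensions') {
  AAM_Backend_Feature_Extension_Manager::getInstance()->render();
- } elseif ($type == 'postform') {
+ } elseif ($type === 'postform') {
  echo AAM_Backend_Feature_Main_Post::renderAccessForm();
  } else {
- require_once(dirname(__FILE__) . '/phtml/main-panel.phtml');
+ require_once dirname(__FILE__) . '/phtml/main-panel.phtml';
  }
  $content = ob_get_contents();
  ob_end_clean();
@@ -183,7 +184,7 @@ class AAM_Backend_View {
  */
  public function loadPartial($partial) {
  ob_start();
- require_once(dirname(__FILE__) . '/phtml/partial/' . $partial);
+ require_once dirname(__FILE__) . '/phtml/partial/' . $partial;
  $content = ob_get_contents();
  ob_end_clean();
 
@@ -210,7 +211,7 @@ class AAM_Backend_View {
  $param, $value, $object, $objectId
  );
 
- return json_encode(array('status' => ($result ? 'success' : 'failure')));
+ return wp_json_encode(array('status' => ($result ? 'success' : 'failure')));
  }
 
  /**
@@ -250,7 +251,7 @@ class AAM_Backend_View {
  }
  }
 
- return json_encode($response);
+ return wp_json_encode($response);
  }
 
  /**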
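Review bot: `loadPartial()` appends `$partial` to the include path unchanged, so the file that gets executed depends entirely on what callers pass in; nothing visible in this section restricts it to the `phtml/partial/` directory. If any caller derives the name from request data, a value containing `../` would include a file outside that directory, so I would reduce it to a file name first, e.g. `$file = dirname(__FILE__) . '/phtml/partial/' . basename($partial);`, or check it against a fixed list of partials. Separately, `require_once` in this and the other render methods produces no output the second time the same template is requested within one request; plain `require` avoids that. The method bodies continue outside the hunks.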
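--- a/Application/Backend/Widget/Login.php
+++ b/Application/Backend/Widget/Login.php
@@ -30,11 +30,9 @@ class AAM_Backend_Widget_Login extends WP_Widget {
  public function widget($args, $instance) {
  $this->args = array_merge($args, $this->normalize($instance));
 
- require(
- AAM_Core_Config::get(
- 'feature.secureLogin.widget.template',
- realpath(dirname(__FILE__) . '/../phtml/widget/login-frontend.phtml')
- )
+ require AAM_Core_Config::get(
+ 'feature.secureLogin.widget.template',
+ realpath(dirname(__FILE__) . '/../phtml/widget/login-frontend.phtml')
  );
  }
 
@@ -45,7 +43,7 @@ class AAM_Backend_Widget_Login extends WP_Widget {
  public function form($instance) {
  $instance = $this->normalize($instance);
 
- require(dirname(__FILE__) . '/../phtml/widget/login-backend.phtml');
+ require dirname(__FILE__) . '/../phtml/widget/login-backend.phtml';
  }
 
  /**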
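Review bot: The path handed to `require` in `widget()` comes from the `feature.secureLogin.widget.template` configuration value, and whatever file it names is executed as PHP. Nothing in this hunk checks that the configured path exists or sits under an expected template directory, so a mistyped value ends in a fatal error wherever the widget is shown, and the setting effectively grants code execution to whoever can edit it. I would resolve the configured value with `realpath()` and fall back to the bundled `login-frontend.phtml` when the result is `false` or lies outside the allowed directories. How the setting is stored and who may change it is not visible here.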
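--- a/Application/Backend/phtml/index.phtml
+++ b/Application/Backend/phtml/index.phtml
@@ -12,20 +12,11 @@
  <div class="postbox">
  <h3 class="hndle">
  <span><?php echo __('Main Panel', AAM_KEY); ?></span>
- <span class="aam-help-menu" data-target="#access-manager-inside"><i class="icon-help-circled"></i></span>
  </h3>
  <div class="inside" id="access-manager-inside">
  <div class="aam-postbox-inside" id="aam-content">
  <p class="alert alert-info text-larger text-center" id="aam-initial-load"><?php echo AAM_Backend_View_Helper::preparePhrase('[Loading AAM UI]. Please wait. If content will not load within next 30 seconds, clear your browser cache and reload the page. If still nothing, it is most likely some sort of JavaScript or CSS conflict with one your active plugins or theme. Try to deactivate all plugins and switch to any default WordPress theme to find out what causes the issue.', 'strong'); ?></p>
  </div>
- <div class="aam-help-context" >
- <div class="text-justify aam-large-padding">
- <p class="text-larger"><?php echo __('Appreciate your interest in Advanced Access Manager (AAM). With strong knowledge and experience in WordPress, AAM becomes a very powerful tool to manage access to your frontend and backend.', AAM_KEY); ?></p>
- <p class="text-larger"><span class="aam-highlight"><?php echo __('Please Note!', AAM_KEY); ?></span> <?php echo AAM_Backend_View_Helper::preparePhrase('Power comes with responsibility. Make sure you have enough knowledge in WordPress Roles & Capabilities because AAM is very closely intergrated with WordPress core. It is also very important [to have backup of your database before you start working with AAM] (there is no need to backup your files, AAM does not modify any physical files on your server and never did).', 'b'); ?></p>
- <p class="text-larger"><?php echo __('AAM was thoroughly tested on the fresh installation of WordPress and in the latest versions of Chrome, Safari, IE and Firefox. If you have any issues, the most typical case is the conflict with other plugins or themes.', AAM_KEY); ?></p>
- <p class="text-larger"><?php echo sprintf(__('Check our %sHelp%s section to find some useful articles about AAM functionality or %scontact us%s directly.', AAM_KEY), '<a href="https://aamplugin.com/help" target="_blank">', '</a>', '<a href="mailto:support@aamplugin.com">', '</a>'); ?></p>
- </div>
- </div>
  </div>
  </div>
  </div>
@@ -65,7 +56,7 @@
  <span>Settings</span>
  </a>
  <?php } ?>
- <?php if (current_user_can('aam_manage_extensions')) { ?>
+ <?php if (AAM_Core_Config::get('core.settings.extensionSupport', true) && current_user_can('aam_manage_extensions')) { ?>
  <a href="#" title="Extensions" data-type="extensions" class="aam-area">
  <i class="icon-cubes"></i>
  <span>Extensions</span>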
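Review bot: The new `core.settings.extensionSupport` test in the second hunk only hides the Extensions link; a template condition does not stop the `extensions` content from being requested directly. The `$type === 'extensions'` branch shown for `AAM_Backend_View` on this page renders the Extension Manager with no visible check of this option or of the `aam_manage_extensions` capability, so the same two conditions should be enforced in the server-side handler. That check may exist in code outside these hunks.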
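--- /dev/null
+++ b/Application/Backend/phtml/main/get-started.phtml
@@ -0,0 +1,19 @@
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="aam-feature" id="get-started-content">
+ <div class="row">
+ <div class="col-xs-12">
+ <div class="panel panel-default">
+ <div class="panel-body">
+ <p class="text-larger"><?php echo __('Appreciate your interest in Advanced Access Manager (aka AAM). With strong knowledge and experience in WordPress, AAM becomes a very powerful tool to manage access to your frontend, backend and RESTful/XML-PRC APIs.', AAM_KEY); ?></p>
+ <p class="text-larger"><span class="aam-highlight"><?php echo __('Please Note!', AAM_KEY); ?></span> <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Power comes with responsibility. Make sure you have good understanding of %sWordPress Roles & Capabilities%s because AAM is very closely integrated with WordPress core. It is also recommended to have a backup of your database before you start working with AAM. There is no need to backup your files; AAM does not modify any physical files on your server and never did.'), '<a href="https://aamplugin.com/help/wordpress-roles-and-capabilities" target="_blank">', '</a>'); ?></p>
+ <p class="text-larger"><?php echo sprintf(__('AAM was thoroughly tested on the fresh installation of WordPress and in the latest versions of Chrome, Safari, IE and Firefox. If you have any issues, the most typical case is a conflict with other plugins or themes. In this case please do not hesitate to contact us directly on our website %saamplugin.com%s', AAM_KEY), '<a href="https://aamplugin.com" target="_blank">', '</a>'); ?></p>
+ <p class="text-larger"><?php echo sprintf(__('If you are not sure where to start, please check our %s"Get Started"%s page to learn more about core concepts that will definitely help you to manage access to your WordPress website more effectively.', AAM_KEY), '<a href="https://aamplugin.com/get-started" target="_blank">', '</a>'); ?></p>
+ <p class="text-center"><a href="https://aamplugin.com/get-started" class="btn btn-primary" target="_blank"><?php echo __('Get Started', AAM_KEY); ?></a></p>
+ <p class="text-center"><small><sup>*</sup> <?php echo __('To remove the "Get Started" tab you may go to Settings Area and disable "Get Started Feature" option.', AAM_KEY); ?></small></p>
+ </div>
+ </div>
+ </div>
+ </div>
+ </div>
+ <?php
+ }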
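Review bot: Every external link in this new template opens with `target="_blank"` and no `rel` attribute, which leaves `window.opener` available to the opened page in browsers that do not imply `noopener`. I would add `rel="noopener noreferrer"` to each anchor, e.g. `'<a href="https://aamplugin.com/get-started" target="_blank" rel="noopener noreferrer">'`, including the button link on line 11. The plain translated strings on lines 7, 11 and 12 are echoed through `__()` unescaped; `esc_html__()` fits where the string carries no markup. "XML-PRC" on line 7 looks like a typo for XML-RPC.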
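--- a/Application/Backend/phtml/main/metabox.phtml
+++ b/Application/Backend/phtml/main/metabox.phtml
@@ -75,8 +75,7 @@
  <div class="row">
  <div class="col-xs-12 text-center">
  <p class="alert alert-info text-larger">
- <?php echo __('The list is not initialized. Click Refresh button above.'); ?><br/>
- <small><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('If your website requires HTTP authentication, please refer to [%sthis article%s] for additional information.', 'b'), '<a href="https://aamplugin.com/help/how-to-hide-wordpress-metaboxes-and-widgets" target="_blank">', '</a>'); ?></small>
+ <?php echo __('The list is not initialized. Click Refresh button above.', AAM_KEY); ?>
  </p>
  </div>
  </div>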
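--- a/Application/Backend/phtml/main/post.phtml
+++ b/Application/Backend/phtml/main/post.phtml
@@ -4,7 +4,7 @@
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-notification">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('You are allowed to manage access to unlimited number of posts, pages or custom post types but only for any role, user or visitor. Consider to purchase %s[AAM Plus Package]%s extension to have the ability to also manage access to categories and custom taxonomies or to define the default access to all posts, pages or custom post types. For more information about this functionality check %sHow to manage access to the WordPress content%s.', 'b'), '<a href="https://aamplugin.com/help/aam-plus-package-extension" target="_blank">', '</a>', '<a href="https://aamplugin.com/help/how-to-manage-access-to-the-wordpress-content" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('You are allowed to manage access to unlimited number of posts, pages or custom post types but only for any role, user or visitor. Consider to purchase %s[AAM Plus Package]%s extension to have the ability to also manage access to categories and custom taxonomies or to define the default access to all posts, pages or custom post types. For more information about this functionality check %sHow to manage access to the WordPress content%s.', 'b'), '<a href="https://aamplugin.com/help/aam-plus-package-extension" target="_blank">', '</a>', '<a href="https://aamplugin.com/help/manage-access-to-the-wordpress-posts-and-terms" target="_blank">', '</a>'); ?>
  </p>
  </div>
  </div>
@@ -12,7 +12,7 @@
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-info">
- <?php echo sprintf(__('Manage access to posts, pages, custom post types, categories or custom hierarchical taxonomies. For more information about this functionality check %sHow to manage access to the WordPress content%s article.'), '<a href="https://aamplugin.com/help/how-to-manage-access-to-the-wordpress-content" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(__('Manage access to posts, pages, custom post types, categories or custom hierarchical taxonomies. For more information about this functionality check %sManage access to the WordPress Posts and Terms%s article.'), '<a href="https://aamplugin.com/help/manage-access-to-the-wordpress-posts-and-terms" target="_blank">', '</a>'); ?>
  </p>
  </div>
  </div>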
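--- a/Application/Core/API.php
+++ b/Application/Core/API.php
@@ -31,10 +31,10 @@ final class AAM_Core_API {
  */
  public static function getOption($option, $default = FALSE, $blog_id = null) {
  if (is_multisite()) {
- if (is_null($blog_id) || get_current_blog_id() == $blog_id) {
+ if (is_null($blog_id) || get_current_blog_id() === $blog_id) {
  $response = self::getCachedOption($option, $default);
  } else {
- if ($blog_id == 'site') {
+ if ($blog_id === 'site') {
  $blog = (defined('SITE_ID_CURRENT_SITE') ? SITE_ID_CURRENT_SITE : 1);
  } else {
  $blog = $blog_id;
@@ -100,7 +100,7 @@ final class AAM_Core_API {
  if (is_multisite()) {
  if (is_null($blog_id)) {
  $blog = get_current_blog_id();
- } elseif ($blog_id == 'site') {
+ } elseif ($blog_id === 'site') {
  $blog = (defined('SITE_ID_CURRENT_SITE') ? SITE_ID_CURRENT_SITE : 1);
  } else {
  $blog = $blog_id;
@@ -145,33 +145,18 @@ final class AAM_Core_API {
  * Initiate HTTP request
  *
  * @param string $url Requested URL
- * @param bool $send_cookies Wheather send cookies or not
  *
  * @return WP_Error|array
  *
  * @access public
  */
- public static function cURL($url, $send_cookies = true, $params = array(), $timeout = 20) {
+ public static function cURL($url, $params = array(), $timeout = 20) {
  $header = array('User-Agent' => AAM_Core_Request::server('HTTP_USER_AGENT'));
 
- $cookies = AAM_Core_Request::cookie(null, array());
- $requestCookies = array();
- if (is_array($cookies) && $send_cookies) {
- foreach ($cookies as $key => $value) {
- //SKIP PHPSESSID - some servers don't like it for security reason
- if ($key !== session_name() && is_scalar($value)) {
- $requestCookies[] = new WP_Http_Cookie(array(
- 'name' => $key, 'value' => $value
- ));
- }
- }
- }
-
  return wp_remote_request($url, array(
  'headers' => $header,
  'method' => 'POST',
  'body' => $params,
- 'cookies' => $requestCookies,
  'timeout' => $timeout
  ));
  }
@@ -325,16 +310,16 @@ final class AAM_Core_API {
  * @access public
  */
  public static function reject($area = 'frontend', $args = array()) {
- if (AAM_Core_Request::server('REQUEST_METHOD') != 'POST') {
+ if (AAM_Core_Request::server('REQUEST_METHOD') !== 'POST') {
  $object = AAM::getUser()->getObject('redirect');
  $type = $object->get("{$area}.redirect.type");
 
- if (!empty($type) && ($type == 'login')) {
+ if (!empty($type) && ($type === 'login')) {
  $redirect = add_query_arg(
  array('reason' => 'restricted'),
  wp_login_url(AAM_Core_Request::server('REQUEST_URI'))
  );
- } elseif (!empty($type) && ($type != 'default')) {
+ } elseif (!empty($type) && ($type !== 'default')) {
  $redirect = $object->get("{$area}.redirect.{$type}");
  } else { //ConfigPress setup
  $redirect = AAM_Core_Config::get(
@@ -344,11 +329,11 @@ final class AAM_Core_API {
 
  $doRedirect = true;
 
- if ($type == 'page') {
+ if ($type === 'page') {
  $page = self::getCurrentPost();
- $doRedirect = (empty($page) || ($page->ID != $redirect));
- } elseif ($type == 'url') {
- $doRedirect = strpos($redirect, $_SERVER['REQUEST_URI']) === false;
+ $doRedirect = (empty($page) || ($page->ID !== intval($redirect)));
+ } elseif ($type === 'url') {
+ $doRedirect = strpos($redirect, AAM_Core_Request::server('REQUEST_URI')) === false;
  }
 
  if ($doRedirect) {
@@ -371,11 +356,11 @@ final class AAM_Core_API {
  * @access public
  */
  public static function redirect($rule, $args = null) {
- $path = parse_url($rule);
+ $path = wp_parse_url($rule);
  if ($path && !empty($path['host'])) {
- wp_redirect($rule, 307);
+ wp_redirect($rule, 307); exit;
  } elseif (preg_match('/^[\d]+$/', $rule)) {
- wp_safe_redirect(get_page_link($rule), 307);
+ wp_safe_redirect(get_page_link($rule), 307); exit;
  } elseif (is_callable($rule)) {
  call_user_func($rule, $args);
  } elseif (!empty($args['callback']) && is_callable($args['callback'])) {
@@ -450,9 +435,9 @@ final class AAM_Core_API {
  } elseif (!empty($wp_query->query['name'])) {
  //Important! Cover the scenario of NOT LIST but ALLOW READ
  if (!empty($wp_query->posts)) {
- foreach($wp_query->posts as $post) {
- if ($post->post_name == $wp_query->query['name']) {
- $res = $post;
+ foreach($wp_query->posts as $p) {
+ if ($p->post_name === $wp_query->query['name']) {
+ $res = $p;
  break;
  }
  }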
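Review bot: Removing `$send_cookies` from the middle of `cURL()`'s parameter list silently changes the meaning of existing positional calls: a caller still written as `cURL($url, false, $params)` now sends `false` as the request body and `$params` as the timeout, with no error raised. The call sites are outside this section, so each one needs checking against the new order `cURL($url, $params, $timeout)`. The docblock still documents only `$url`; I would add `@param array $params Request body` and `@param int $timeout Timeout in seconds`. Dropping the forwarded browser cookies looks right in itself, since they were otherwise sent to whatever host `$url` names.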
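--- a/Application/Core/Api/Area.php
+++ b/Application/Core/Api/Area.php
@@ -58,7 +58,7 @@ final class AAM_Core_Api_Area {
  * @return type
  */
  public static function isBackend() {
- return self::get() == self::BACKEND;
+ return self::get() === self::BACKEND;
  }
 
  /**
@@ -66,7 +66,7 @@ final class AAM_Core_Api_Area {
  * @return type
  */
  public static function isFrontend() {
- return self::get() == self::FRONTEND;
+ return self::get() === self::FRONTEND;
  }
 
  /**
@@ -74,6 +74,6 @@ final class AAM_Core_Api_Area {
  * @return type
  */
  public static function isAPI() {
- return self::get() === self::API;
+ return self::get() === self::API;
  }
  }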
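Review bot: With `===`, `isBackend()`, `isFrontend()` and `isAPI()` return true only when `self::get()` yields a value of exactly the same type as the class constants. Both `get()` and the constants are outside these hunks, so it is worth confirming that they agree; otherwise all three checks report false and any access rule keyed on the area stops applying. The docblocks still carry the placeholder `@return type`; `@return bool` matches what the methods return.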
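--- a/Application/Core/Compatibility.php
+++ b/Application/Core/Compatibility.php
@@ -67,13 +67,12 @@ class AAM_Core_Compatibility {
  $changes += self::normalizeOption('single-session', 'core.settings.singleSession', $config);
  $changes += self::normalizeOption('brute-force-lockout', 'core.settings.bruteForceLockout', $config);
  $changes += self::normalizeOption('inherit-parent-post', 'core.settings.inheritParentPost', $config);
- //$changes += self::normalizeOption('', '', $config);
 
  if ($changes > 0) {
  if (is_multisite()) {
- $result = AAM_Core_API::updateOption('aam-utilities', $config, 'site');
+ AAM_Core_API::updateOption('aam-utilities', $config, 'site');
  } else {
- $result = AAM_Core_API::updateOption('aam-utilities', $config);
+ AAM_Core_API::updateOption('aam-utilities', $config);
  }
  }
  }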
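--- a/Application/Core/ConfigPress/Evaluator.php
+++ b/Application/Core/ConfigPress/Evaluator.php
@@ -95,10 +95,10 @@ class AAM_Core_ConfigPress_Evaluator {
 
  if (empty($chunk)) {
  continue; //skip empty part
- } elseif ($chunk == '(') {
+ } elseif ($chunk === '(') {
  $this->index[] = ++$index;
  $queue[] = $this->evaluate();
- } elseif ($chunk == ')') {
+ } elseif ($chunk === ')') {
  array_pop($this->index);
  $this->index[count($this->index) - 1] = ++$index;
  break;
@@ -193,7 +193,7 @@ class AAM_Core_ConfigPress_Evaluator {
  foreach ($this->_operators as $operators) {
  $i = 0;
  while ($i < count($queue)) {
- if (!is_bool($queue[$i]) && in_array($queue[$i], $operators)) {
+ if (!is_bool($queue[$i]) && in_array($queue[$i], $operators, true)) {
  $value = $this->processOperation(
  $queue[$i], $queue[$i - 1], $queue[$i + 1]
  );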
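Review bot: `empty($chunk)` in the first hunk is also true for the string `'0'`, so a literal zero in an expression is skipped as if it were an empty part and never reaches `$queue`. If chunks are strings at that point (the split happens outside the hunk), `if ($chunk === '') {` would skip only real gaps. In the second hunk `$queue[$i - 1]` and `$queue[$i + 1]` are read without a bounds check, so an expression that begins or ends with an operator would read an undefined offset. Both loops continue outside the hunks.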
Application/Core/Exporter.php CHANGED
@@ -86,23 +86,23 @@ class AAM_Core_Exporter {
86
  global $wpdb;
87
 
88
  foreach($features as $feature) {
89
- if ($feature == 'roles') {
90
- $this->add('_user_roles', serialize(
91
  AAM_Core_API::getOption(
92
  $wpdb->get_blog_prefix($this->blog) . 'user_roles',
93
  array(),
94
  $this->blog
95
  )
96
- ));
97
- } elseif ($feature == 'utilities') {
98
  $this->add(
99
  AAM_Core_Config::OPTION,
100
- serialize(AAM_Core_API::getOption(AAM_Core_Config::OPTION)
101
  ));
102
- } elseif ($feature == 'configpress') {
103
  $this->add(
104
  'aam-configpress',
105
- AAM_Core_ConfigPress::getInstance()->read()
106
  );
107
  } else {
108
  do_action('aam-export-action', 'system', $feature, $this);
@@ -116,15 +116,15 @@ class AAM_Core_Exporter {
116
  */
117
  protected function exportRoles($features) {
118
  foreach($features as $feature) {
119
- if ($feature == 'menu') {
120
  $this->pushData('options', '/^aam_menu_role/');
121
- } elseif ($feature == 'metabox') {
122
  $this->pushData('options', '/^aam_metabox_role/');
123
- } elseif ($feature == 'post') {
124
  $this->pushData('options', '/^aam_type_post_role/');
125
  $this->pushData('options', '/^aam_term_[\d]+\|.+_role/');
126
  $this->pushData('postmeta', '/^aam-post-access-role/');
127
- } elseif ($feature == 'redirect') {
128
  $this->pushData('options', '/^aam_redirect_role/');
129
  $this->pushData('options', '/^aam_loginredirect_role/');
130
  $this->pushData('options', '/^aam_logoutredirect_role/');
@@ -140,19 +140,19 @@ class AAM_Core_Exporter {
140
  global $wpdb;
141
 
142
  foreach($features as $feature) {
143
- if ($feature == 'menu') {
144
  $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_menu/');
145
- } elseif ($feature == 'metabox') {
146
  $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_metabox/');
147
- } elseif ($feature == 'post') {
148
  $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_type_post/');
149
  $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_term_[\d]+\|/');
150
  $this->pushData('postmeta', '/^aam-post-access-user/');
151
- } elseif ($feature == 'redirect') {
152
  $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_redirect/');
153
  $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_loginredirect/');
154
  $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_logoutredirect/');
155
- } elseif ($feature == 'capability') {
156
  $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_capability/');
157
  }
158
  }
@@ -164,13 +164,13 @@ class AAM_Core_Exporter {
164
  */
165
  protected function exportVisitor($features) {
166
  foreach($features as $feature) {
167
- if ($feature == 'metabox') {
168
  $this->pushData('options', '/^aam_visitor_metabox/');
169
- } elseif ($feature == 'post') {
170
  $this->pushData('options', '/^aam_visitor_type_post/');
171
  $this->pushData('options', '/^aam_visitor_term_/');
172
  $this->pushData('postmeta', '/^aam-post-access-visitor/');
173
- } elseif ($feature ==