Groups - Version 1.4.0

Version Description

  • Added: Groups > Groups > Add / Edit group screens, allow to assign/modify the capabilities assigned to the group.
  • Added: Groups > Groups screen, allow to assign/remove multiple capabilities to multiple groups.
  • Added: Groups > Groups screen, allow to delete multiple groups as a bulk action.
  • Added: Groups > Capabilities screen, allow to delete multiple capabilities as a bulk action.
  • Improved: Groups > Options screen, using searchable select instead of checkboxes to enable capabilities for access restriction.
  • Improved: In user profiles, using a searchable select to modify group assignments.
  • Improved: Reduced the footer text in groups admin sections.
  • Improved: Admin CSS to make better use of screen real-estate and more coherent appearance with the new UI additions.
Download this release

Release Info

Developer itthinx
Plugin Icon 128x128 Groups
Version 1.4.0
Comparing to
See all releases

Code changes from version 1.3.14 to 1.4.0

Files changed (11) hide show
  1. css/groups_admin.css +67 -2
  2. groups.php +2 -2
  3. lib/admin/class-groups-admin-user-profile.php +34 -22
  4. lib/admin/groups-admin-capabilities-remove.php +118 -15
  5. lib/admin/groups-admin-capabilities.php +93 -105
  6. lib/admin/groups-admin-groups-add.php +97 -51
  7. lib/admin/groups-admin-groups-edit.php +131 -55
  8. lib/admin/groups-admin-groups-remove.php +108 -4
  9. lib/admin/groups-admin-groups.php +113 -93
  10. lib/core/class-groups-help.php +2 -34
  11. readme.txt +14 -1
css/groups_admin.css CHANGED
@@ -89,9 +89,27 @@ div.capability.edit label {
89
  .capabilities-overview .page-options {
90
  float: left;
91
  display: inline;
92
- width: 250px;
93
  padding-bottom: 1em;
94
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
95
  .groups-overview .tablenav.top,
96
  .capabilities-overview .tablenav.top {
97
  display: inline;
@@ -104,7 +122,7 @@ div.capability.edit label {
104
  padding-left: 16px ! important;
105
  }
106
  div.groups-footer {
107
- padding-top: 4px;
108
  color: #999;
109
  }
110
  div.groups-footer a {
@@ -132,3 +150,50 @@ div.groups-footer form {
132
  margin: 1em;
133
  padding: 1em;
134
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
89
  .capabilities-overview .page-options {
90
  float: left;
91
  display: inline;
92
+ /*width: 250px;*/
93
  padding-bottom: 1em;
94
  }
95
+ .groups-overview .page-options.right,
96
+ .capabilities-overview .page-options.right {
97
+ float: right;
98
+ }
99
+ .groups-overview .page-options label,
100
+ .groups-overview .page-options input[type="text"],
101
+ .groups-overview .page-options .button,
102
+ .capabilities-overview .page-options label,
103
+ .capabilities-overview .page-options input[type="text"],
104
+ .capabilities-overview .page-options .button {
105
+ margin-right: 4px;
106
+ vertical-align: middle;
107
+ }
108
+ .groups-overview .page-options input[type="text"],
109
+ .capabilities-overview .page-options input[type="text"] {
110
+ width: 2.8em;
111
+ text-align: center;
112
+ }
113
  .groups-overview .tablenav.top,
114
  .capabilities-overview .tablenav.top {
115
  display: inline;
122
  padding-left: 16px ! important;
123
  }
124
  div.groups-footer {
125
+ padding-top: 16px;
126
  color: #999;
127
  }
128
  div.groups-footer a {
150
  margin: 1em;
151
  padding: 1em;
152
  }
153
+
154
+ .groups-bulk-container {
155
+ padding-bottom: 1em;
156
+ }
157
+ .groups-bulk-container,
158
+ .capabilities-bulk-container,
159
+ .tablenav .tablenav-pages {
160
+ line-height: 24px;
161
+ }
162
+ .groups-bulk-container .capabilities-select-container {
163
+ width: 25%;
164
+ float: left;
165
+ vertical-align: middle;
166
+ }
167
+ .groups-bulk-container .selectize-control,
168
+ .groups-bulk-container select.bulk-action,
169
+ .capabilities-bulk-container select.bulk-action {
170
+ margin-right: 4px;
171
+ vertical-align: middle;
172
+ }
173
+ .groups-bulk-container .selectize-input {
174
+ font-size: inherit;
175
+ line-height: 18px;
176
+ padding: 1px 1px 2px 1px;
177
+ vertical-align: middle;
178
+ }
179
+ .groups-bulk-container .selectize-input input[type="text"] {
180
+ font-size: inherit;
181
+ vertical-align: middle;
182
+ }
183
+ .groups-bulk-container .button,
184
+ .capabilities-bulk-container .button {
185
+ vertical-align: middle;
186
+ }
187
+
188
+ .group.new .selectize-control,
189
+ .group.edit .selectize-control,
190
+ .groups-options .selectize-control {
191
+ padding: 2px;
192
+ }
193
+ .group.new .selectize-input,
194
+ .group.edit .selectize-input,
195
+ .groups-options .selectize-input {
196
+ font-size: inherit;
197
+ line-height: 18px;
198
+ padding: 2px;
199
+ }
groups.php CHANGED
@@ -21,13 +21,13 @@
21
  * Plugin Name: Groups
22
  * Plugin URI: http://www.itthinx.com/plugins/groups
23
  * Description: Groups provides group-based user membership management, group-based capabilities and content access control.
24
- * Version: 1.3.14
25
  * Author: itthinx
26
  * Author URI: http://www.itthinx.com
27
  * Donate-Link: http://www.itthinx.com
28
  * License: GPLv3
29
  */
30
- define( 'GROUPS_CORE_VERSION', '1.3.14' );
31
  define( 'GROUPS_FILE', __FILE__ );
32
  if ( !defined( 'GROUPS_CORE_DIR' ) ) {
33
  define( 'GROUPS_CORE_DIR', WP_PLUGIN_DIR . '/groups' );
21
  * Plugin Name: Groups
22
  * Plugin URI: http://www.itthinx.com/plugins/groups
23
  * Description: Groups provides group-based user membership management, group-based capabilities and content access control.
24
+ * Version: 1.4.0
25
  * Author: itthinx
26
  * Author URI: http://www.itthinx.com
27
  * Donate-Link: http://www.itthinx.com
28
  * License: GPLv3
29
  */
30
+ define( 'GROUPS_CORE_VERSION', '1.4.0' );
31
  define( 'GROUPS_FILE', __FILE__ );
32
  if ( !defined( 'GROUPS_CORE_DIR' ) ) {
33
  define( 'GROUPS_CORE_DIR', WP_PLUGIN_DIR . '/groups' );
lib/admin/class-groups-admin-user-profile.php CHANGED
@@ -32,6 +32,23 @@ class Groups_Admin_User_Profile {
32
  add_action( 'edit_user_profile', array( __CLASS__, 'edit_user_profile' ) );
33
  add_action( 'personal_options_update', array( __CLASS__, 'personal_options_update' ) );
34
  add_action( 'edit_user_profile_update', array( __CLASS__, 'edit_user_profile_update' ) );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
35
  }
36
 
37
  /**
@@ -59,35 +76,30 @@ class Groups_Admin_User_Profile {
59
  }
60
  }
61
 
62
- /**
63
- * Editing a user profile.
64
- * @param WP_User $user
65
  */
66
  public static function edit_user_profile( $user ) {
67
  global $wpdb;
68
  if ( current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
69
- $output = '<h3>' . __( 'Groups', GROUPS_PLUGIN_DOMAIN ) . '</h3>';
70
- $user = new Groups_User( $user->ID );
71
  $user_groups = $user->groups;
72
  $groups_table = _groups_get_tablename( 'group' );
73
  if ( $groups = $wpdb->get_results( "SELECT * FROM $groups_table ORDER BY name" ) ) {
74
- $output .= '<ul>';
75
  foreach( $groups as $group ) {
76
  $is_member = Groups_User_Group::read( $user->ID, $group->group_id ) ? true : false;
77
- $output .= '<li>';
78
- $output .= '<label>';
79
- $output .= sprintf( '<input type="checkbox" name="group_ids[]" value="%d" %s />', Groups_Utility::id( $group->group_id ), $is_member ? ' checked="checked" ' : '' );
80
- $output .= ' ';
81
- $output .= wp_filter_nohtml_kses( $group->name );
82
- $output .= '</label>';
83
- $output .= '</li>';
84
  }
85
- $output .= '</ul>';
 
86
  }
 
87
  }
88
- echo $output;
89
  }
90
-
91
  /**
92
  * Updates the group membership when a user's own profile is saved - but
93
  * for group admins on their own profile page only.
@@ -102,19 +114,19 @@ class Groups_Admin_User_Profile {
102
  self::edit_user_profile_update( $user_id );
103
  }
104
  }
105
-
106
  /**
107
  * Updates the group membership.
108
  * @param int $user_id
109
  */
110
  public static function edit_user_profile_update( $user_id ) {
111
- global $wpdb;
112
  if ( current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
113
- $groups_table = _groups_get_tablename( 'group' );
114
  if ( $groups = $wpdb->get_results( "SELECT * FROM $groups_table" ) ) {
115
- $user_group_ids = isset( $_POST['group_ids'] ) && is_array( $_POST['group_ids'] ) ? $_POST['group_ids'] : array();
116
  foreach( $groups as $group ) {
117
- if ( in_array( $group->group_id, $user_group_ids) ) {
118
  if ( !Groups_User_Group::read( $user_id, $group->group_id ) ) {
119
  Groups_User_Group::create( array( 'user_id' => $user_id, 'group_id' => $group->group_id ) );
120
  }
@@ -125,7 +137,7 @@ class Groups_Admin_User_Profile {
125
  }
126
  }
127
  }
128
- }
129
  }
130
 
131
  /**
32
  add_action( 'edit_user_profile', array( __CLASS__, 'edit_user_profile' ) );
33
  add_action( 'personal_options_update', array( __CLASS__, 'personal_options_update' ) );
34
  add_action( 'edit_user_profile_update', array( __CLASS__, 'edit_user_profile_update' ) );
35
+ add_action( 'admin_enqueue_scripts', array( __CLASS__, 'admin_enqueue_scripts' ) );
36
+ }
37
+
38
+ /**
39
+ * Enqueues the select script on the user-edit and profile screens.
40
+ */
41
+ public static function admin_enqueue_scripts() {
42
+ $screen = get_current_screen();
43
+ if ( isset( $screen->id ) ) {
44
+ switch( $screen->id ) {
45
+ case 'user-edit' :
46
+ case 'profile' :
47
+ require_once GROUPS_VIEWS_LIB . '/class-groups-uie.php';
48
+ Groups_UIE::enqueue( 'select' );
49
+ break;
50
+ }
51
+ }
52
  }
53
 
54
  /**
76
  }
77
  }
78
 
79
+ /**
80
+ * Editing a user profile.
81
+ * @param WP_User $user
82
  */
83
  public static function edit_user_profile( $user ) {
84
  global $wpdb;
85
  if ( current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
86
+ $output = '<h3>' . __( 'Groups', GROUPS_PLUGIN_DOMAIN ) . '</h3>';
87
+ $user = new Groups_User( $user->ID );
88
  $user_groups = $user->groups;
89
  $groups_table = _groups_get_tablename( 'group' );
90
  if ( $groups = $wpdb->get_results( "SELECT * FROM $groups_table ORDER BY name" ) ) {
91
+ $output .= '<select id="user-groups" class="groups" name="group_ids[]" multiple="multiple">';
92
  foreach( $groups as $group ) {
93
  $is_member = Groups_User_Group::read( $user->ID, $group->group_id ) ? true : false;
94
+ $output .= sprintf( '<option value="%d" %s>%s</option>', Groups_Utility::id( $group->group_id ), $is_member ? ' selected="selected" ' : '', wp_filter_nohtml_kses( $group->name ) );
 
 
 
 
 
 
95
  }
96
+ $output .= '</select>';
97
+ $output .= Groups_UIE::render_select( '#user-groups' );
98
  }
99
+ echo $output;
100
  }
 
101
  }
102
+
103
  /**
104
  * Updates the group membership when a user's own profile is saved - but
105
  * for group admins on their own profile page only.
114
  self::edit_user_profile_update( $user_id );
115
  }
116
  }
117
+
118
  /**
119
  * Updates the group membership.
120
  * @param int $user_id
121
  */
122
  public static function edit_user_profile_update( $user_id ) {
123
+ global $wpdb;
124
  if ( current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
125
+ $groups_table = _groups_get_tablename( 'group' );
126
  if ( $groups = $wpdb->get_results( "SELECT * FROM $groups_table" ) ) {
127
+ $user_group_ids = isset( $_POST['group_ids'] ) && is_array( $_POST['group_ids'] ) ? $_POST['group_ids'] : array();
128
  foreach( $groups as $group ) {
129
+ if ( in_array( $group->group_id, $user_group_ids ) ) {
130
  if ( !Groups_User_Group::read( $user_id, $group->group_id ) ) {
131
  Groups_User_Group::create( array( 'user_id' => $user_id, 'group_id' => $group->group_id ) );
132
  }
137
  }
138
  }
139
  }
140
+ }
141
  }
142
 
143
  /**
lib/admin/groups-admin-capabilities-remove.php CHANGED
@@ -24,25 +24,25 @@
24
  * @param int $capability_id capability id
25
  */
26
  function groups_admin_capabilities_remove( $capability_id ) {
27
-
28
  global $wpdb;
29
-
30
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
31
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
32
  }
33
-
34
  $capability = Groups_Capability::read( intval( $capability_id ) );
35
-
36
  if ( empty( $capability ) ) {
37
  wp_die( __( 'No such capability.', GROUPS_PLUGIN_DOMAIN ) );
38
  }
39
-
40
  $capability_table = _groups_get_tablename( 'capability' );
41
-
42
  $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
43
  $current_url = remove_query_arg( 'action', $current_url );
44
  $current_url = remove_query_arg( 'capability_id', $current_url );
45
-
46
  $output =
47
  '<div class="manage-capabilities">' .
48
  '<div>' .
@@ -64,9 +64,9 @@ function groups_admin_capabilities_remove( $capability_id ) {
64
  '</div>' . // .capability.remove
65
  '</form>' .
66
  '</div>'; // .manage-capabilities
67
-
68
  echo $output;
69
-
70
  Groups_Help::footer();
71
  } // function groups_admin_capabilities_remove
72
 
@@ -74,19 +74,19 @@ function groups_admin_capabilities_remove( $capability_id ) {
74
  * Handle remove form submission.
75
  */
76
  function groups_admin_capabilities_remove_submit() {
77
-
78
  global $wpdb;
79
-
80
  $result = false;
81
-
82
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
83
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
84
  }
85
-
86
  if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_GROUPS_NONCE], 'capabilities-remove' ) ) {
87
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
88
  }
89
-
90
  $capability_id = isset( $_POST['capability-id-field'] ) ? $_POST['capability-id-field'] : null;
91
  $capability = Groups_Capability::read( $capability_id );
92
  if ( $capability ) {
@@ -96,4 +96,107 @@ function groups_admin_capabilities_remove_submit() {
96
  }
97
  return $result;
98
  } // function groups_admin_capabilities_remove_submit
99
- ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
24
  * @param int $capability_id capability id
25
  */
26
  function groups_admin_capabilities_remove( $capability_id ) {
27
+
28
  global $wpdb;
29
+
30
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
31
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
32
  }
33
+
34
  $capability = Groups_Capability::read( intval( $capability_id ) );
35
+
36
  if ( empty( $capability ) ) {
37
  wp_die( __( 'No such capability.', GROUPS_PLUGIN_DOMAIN ) );
38
  }
39
+
40
  $capability_table = _groups_get_tablename( 'capability' );
41
+
42
  $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
43
  $current_url = remove_query_arg( 'action', $current_url );
44
  $current_url = remove_query_arg( 'capability_id', $current_url );
45
+
46
  $output =
47
  '<div class="manage-capabilities">' .
48
  '<div>' .
64
  '</div>' . // .capability.remove
65
  '</form>' .
66
  '</div>'; // .manage-capabilities
67
+
68
  echo $output;
69
+
70
  Groups_Help::footer();
71
  } // function groups_admin_capabilities_remove
72
 
74
  * Handle remove form submission.
75
  */
76
  function groups_admin_capabilities_remove_submit() {
77
+
78
  global $wpdb;
79
+
80
  $result = false;
81
+
82
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
83
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
84
  }
85
+
86
  if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_GROUPS_NONCE], 'capabilities-remove' ) ) {
87
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
88
  }
89
+
90
  $capability_id = isset( $_POST['capability-id-field'] ) ? $_POST['capability-id-field'] : null;
91
  $capability = Groups_Capability::read( $capability_id );
92
  if ( $capability ) {
96
  }
97
  return $result;
98
  } // function groups_admin_capabilities_remove_submit
99
+
100
+ /**
101
+ * Shows form to confirm removal bulk capabilities
102
+ */
103
+ function groups_admin_capabilities_bulk_remove() {
104
+
105
+ global $wpdb;
106
+
107
+ $output = '';
108
+
109
+ if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
110
+ wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
111
+ }
112
+
113
+ $capability_ids = isset( $_POST['capability_ids'] ) ? $_POST['capability_ids'] : null;
114
+
115
+ if ( ! $capability_ids ) {
116
+ wp_die( __( 'No such capabilities.', GROUPS_PLUGIN_DOMAIN ) );
117
+ }
118
+
119
+ $capabilities = array();
120
+ foreach ( $capability_ids as $capability_id ) {
121
+ $capability = Groups_Capability::read( intval( $capability_id ) );
122
+ if ( $capability ) {
123
+ $capabilities[] = $capability;
124
+ }
125
+ }
126
+
127
+ $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
128
+ $current_url = remove_query_arg( 'action', $current_url );
129
+ $current_url = remove_query_arg( 'capability_id', $current_url );
130
+
131
+ $output .= '<div class="manage-capabilities">';
132
+ $output .= '<div>';
133
+ $output .= '<h2>';
134
+ $output .= __( 'Remove capabilities', GROUPS_PLUGIN_DOMAIN );
135
+ $output .= '</h2>';
136
+ $output .= '</div>';
137
+
138
+ $output .= '<form id="capabilities-action" method="post" action="">';
139
+ $output .= '<div class="capability remove">';
140
+ $output .= '<p>';
141
+ $output .= __( 'Please confirm to remove the following capabilities. This action cannot be undone.', GROUPS_PLUGIN_DOMAIN );
142
+ $output .= '</p>';
143
+ foreach ( $capabilities as $capability ) {
144
+ $output .= '<input id="capability_ids" name="capability_ids[]" type="hidden" value="' . esc_attr( intval( $capability->capability_id ) ) . '"/>';
145
+ $output .= '<ul>';
146
+ $output .= '<li>';
147
+ $output .= sprintf( __( '<strong>%s</strong>', GROUPS_PLUGIN_DOMAIN ), wp_filter_nohtml_kses( $capability->capability ) );
148
+ $output .= '</li>';
149
+ $output .= '</ul>';
150
+ }
151
+ $output .= '<input class="button" type="submit" name="bulk" value="' . __( "Remove", GROUPS_PLUGIN_DOMAIN ) . '"/>';
152
+ $output .= '<a class="cancel" href="' . $current_url . '">' . __( 'Cancel', GROUPS_PLUGIN_DOMAIN ) . '</a>';
153
+
154
+ $output .= '<input type="hidden" name="action" value="groups-action"/>';
155
+ $output .= '<input type="hidden" name="bulk-action" value="remove"/>';
156
+ $output .= '<input type="hidden" name="confirm" value="1"/>';
157
+ $output .= wp_nonce_field( 'admin', GROUPS_ADMIN_GROUPS_ACTION_NONCE, true, false );
158
+
159
+ $output .= '</div>';
160
+ $output .= '</form>';
161
+ $output .= '</div>';
162
+
163
+ echo $output;
164
+
165
+ Groups_Help::footer();
166
+ } // function groups_admin_capabilities_bulk_remove
167
+
168
+ /**
169
+ * Handle remove form submission.
170
+ * @return array of deleted capabilities' ids
171
+ */
172
+ function groups_admin_capabilities_bulk_remove_submit() {
173
+
174
+ global $wpdb;
175
+
176
+ $result = array();
177
+
178
+ if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
179
+ wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
180
+ }
181
+
182
+ if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_GROUPS_ACTION_NONCE], 'admin' ) ) {
183
+ wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
184
+ }
185
+
186
+ $capability_ids = isset( $_POST['capability_ids'] ) ? $_POST['capability_ids'] : null;
187
+
188
+ if ( $capability_ids ) {
189
+ foreach ( $capability_ids as $capability_id ) {
190
+ $capability = Groups_Capability::read( $capability_id );
191
+ if ( $capability ) {
192
+ if ( $capability->capability !== Groups_Post_Access::READ_POST_CAPABILITY ) {
193
+ if ( Groups_Capability::delete( $capability_id ) ) {
194
+ $result[] = $capability->capability_id;
195
+ }
196
+ }
197
+ }
198
+ }
199
+ }
200
+
201
+ return $result;
202
+ } // function groups_admin_capabilities_bulk_remove_submit
lib/admin/groups-admin-capabilities.php CHANGED
@@ -33,12 +33,12 @@ require_once( GROUPS_ADMIN_LIB . '/groups-admin-capabilities-remove.php');
33
  * Manage capabilities: table of capabilities and add, edit, remove actions.
34
  */
35
  function groups_admin_capabilities() {
36
-
37
  global $wpdb;
38
-
39
  $output = '';
40
  $today = date( 'Y-m-d', time() );
41
-
42
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
43
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
44
  }
@@ -64,23 +64,25 @@ function groups_admin_capabilities() {
64
  break;
65
  // bulk actions on groups: capabilities
66
  case 'groups-action' :
67
- // if ( wp_verify_nonce( $_POST[GROUPS_ADMIN_CAPABILITIES_ACTION_NONCE], 'admin' ) ) {
68
- // $group_ids = isset( $_POST['group_ids'] ) ? $_POST['group_ids'] : null;
69
- // $subaction = isset( $_POST['add'] ) ? $_POST['add'] : ( isset( $_POST['remove'] ) ? $_POST['remove'] : null );
70
- // $capability_id = isset( $_POST['capability_id'] ) ? $_POST['capability_id'] : null;
71
- // if ( is_array( $group_ids ) && ( $subaction !== null ) && ( $capability_id !== null ) ) {
72
- // foreach ( $group_ids as $group_id ) {
73
- // switch ( $subaction ) {
74
- // case 'Add' :
75
- // Groups_Group_Capability::create( array( 'group_id' => $group_id, 'capability_id' => $capability_id ) );
76
- // break;
77
- // case 'Remove' :
78
- // Groups_Group_Capability::delete( $group_id, $capability_id );
79
- // break;
80
- // }
81
- // }
82
- // }
83
- // }
 
 
84
  break;
85
  }
86
  } else if ( isset ( $_GET['action'] ) ) {
@@ -113,7 +115,7 @@ function groups_admin_capabilities() {
113
  break;
114
  }
115
  }
116
-
117
  //
118
  // capabilities table
119
  //
@@ -126,11 +128,11 @@ function groups_admin_capabilities() {
126
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
127
  }
128
  }
129
-
130
  // filters
131
  $capability_id = Groups_Options::get_user_option( 'capabilities_capability_id', null );
132
  $capability = Groups_Options::get_user_option( 'capabilities_capability', null );
133
-
134
  if ( isset( $_POST['clear_filters'] ) ) {
135
  Groups_Options::delete_user_option( 'capabilities_capability_id' );
136
  Groups_Options::delete_user_option( 'capabilities_capability' );
@@ -148,29 +150,29 @@ function groups_admin_capabilities() {
148
  Groups_Options::update_user_option( 'capabilities_capability_id', $capability_id );
149
  } else if ( isset( $_POST['capability_id'] ) ) { // empty && isset => '' => all
150
  $capability_id = null;
151
- Groups_Options::delete_user_option( 'capabilities_capability_id' );
152
  }
153
  }
154
-
155
  if ( isset( $_POST['row_count'] ) ) {
156
  if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_CAPABILITIES_NONCE_1], 'admin' ) ) {
157
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
158
  }
159
  }
160
-
161
  if ( isset( $_POST['paged'] ) ) {
162
  if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_CAPABILITIES_NONCE_2], 'admin' ) ) {
163
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
164
  }
165
  }
166
-
167
  $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
168
  $current_url = remove_query_arg( 'paged', $current_url );
169
  $current_url = remove_query_arg( 'action', $current_url );
170
  $current_url = remove_query_arg( 'capability_id', $current_url );
171
-
172
  $capability_table = _groups_get_tablename( 'capability' );
173
-
174
  $output .=
175
  '<div class="manage-capabilities">' .
176
  '<div>' .
@@ -178,7 +180,7 @@ function groups_admin_capabilities() {
178
  __( 'Capabilities', GROUPS_PLUGIN_DOMAIN ) .
179
  '</h2>' .
180
  '</div>';
181
-
182
  $output .=
183
  '<div class="manage">' .
184
  "<a title='" . __( 'Click to add a new capability', GROUPS_PLUGIN_DOMAIN ) . "' class='add button' href='" . esc_url( $current_url ) . "&action=add'><img class='icon' alt='" . __( 'Add', GROUPS_PLUGIN_DOMAIN) . "' src='". GROUPS_PLUGIN_URL . "images/add.png'/><span class='label'>" . __( 'New Capability', GROUPS_PLUGIN_DOMAIN) . "</span></a>" .
@@ -186,7 +188,7 @@ function groups_admin_capabilities() {
186
  '</div>';
187
 
188
  $row_count = isset( $_POST['row_count'] ) ? intval( $_POST['row_count'] ) : 0;
189
-
190
  if ($row_count <= 0) {
191
  $row_count = Groups_Options::get_user_option( 'capabilities_per_page', GROUPS_CAPABILITIES_PER_PAGE );
192
  } else {
@@ -199,8 +201,8 @@ function groups_admin_capabilities() {
199
  $paged = isset( $_GET['paged'] ) ? intval( $_GET['paged'] ) : 0;
200
  if ( $paged < 0 ) {
201
  $paged = 0;
202
- }
203
-
204
  $orderby = isset( $_GET['orderby'] ) ? $_GET['orderby'] : null;
205
  switch ( $orderby ) {
206
  case 'capability_id' :
@@ -209,7 +211,7 @@ function groups_admin_capabilities() {
209
  default:
210
  $orderby = 'name';
211
  }
212
-
213
  $order = isset( $_GET['order'] ) ? $_GET['order'] : null;
214
  switch ( $order ) {
215
  case 'asc' :
@@ -224,7 +226,7 @@ function groups_admin_capabilities() {
224
  $order = 'ASC';
225
  $switch_order = 'DESC';
226
  }
227
-
228
  $filters = array();
229
  $filter_params = array();
230
  if ( $capability_id ) {
@@ -235,13 +237,13 @@ function groups_admin_capabilities() {
235
  $filters[] = " $capability_table.capability LIKE '%%%s%%' ";
236
  $filter_params[] = $capability;
237
  }
238
-
239
  if ( !empty( $filters ) ) {
240
  $filters = " WHERE " . implode( " AND ", $filters );
241
  } else {
242
  $filters = '';
243
  }
244
-
245
  $count_query = $wpdb->prepare( "SELECT COUNT(*) FROM $capability_table $filters", $filter_params );
246
  $count = $wpdb->get_var( $count_query );
247
  if ( $count > $row_count ) {
@@ -256,7 +258,7 @@ function groups_admin_capabilities() {
256
  if ( $paged != 0 ) {
257
  $offset = ( $paged - 1 ) * $row_count;
258
  }
259
-
260
  $query = $wpdb->prepare(
261
  "SELECT * FROM $capability_table
262
  $filters
@@ -264,19 +266,19 @@ function groups_admin_capabilities() {
264
  LIMIT $row_count OFFSET $offset",
265
  $filter_params
266
  );
267
-
268
  $results = $wpdb->get_results( $query, OBJECT );
269
 
270
  $column_display_names = array(
271
  'capability_id' => __( 'Id', GROUPS_PLUGIN_DOMAIN ),
272
  'capability' => __( 'Capability', GROUPS_PLUGIN_DOMAIN ),
273
- 'description' => __( 'Description', GROUPS_PLUGIN_DOMAIN ),
274
  'edit' => __( 'Edit', GROUPS_PLUGIN_DOMAIN ),
275
  'remove' => __( 'Remove', GROUPS_PLUGIN_DOMAIN )
276
  );
277
-
278
  $output .= '<div class="capabilities-overview">';
279
-
280
  $output .=
281
  '<div class="filters">' .
282
  '<label class="description" for="setfilters">' . __( 'Filters', GROUPS_PLUGIN_DOMAIN ) . '</label>' .
@@ -295,20 +297,7 @@ function groups_admin_capabilities() {
295
  '</p>' .
296
  '</form>' .
297
  '</div>';
298
-
299
- $output .= '
300
- <div class="page-options">
301
- <form id="setrowcount" action="" method="post">
302
- <div>
303
- <label for="row_count">' . __( 'Results per page', GROUPS_PLUGIN_DOMAIN ) . '</label>' .
304
- '<input name="row_count" type="text" size="2" value="' . esc_attr( $row_count ) .'" />
305
- ' . wp_nonce_field( 'admin', GROUPS_ADMIN_CAPABILITIES_NONCE_1, true, false ) . '
306
- <input class="button" type="submit" value="' . __( 'Apply', GROUPS_PLUGIN_DOMAIN ) . '"/>
307
- </div>
308
- </form>
309
- </div>
310
- ';
311
-
312
  if ( $paginate ) {
313
  require_once( GROUPS_CORE_LIB . '/class-groups-pagination.php' );
314
  $pagination = new Groups_Pagination( $count, null, $row_count );
@@ -321,41 +310,40 @@ function groups_admin_capabilities() {
321
  $output .= '</div>';
322
  $output .= '</form>';
323
  }
324
-
325
-
326
- // $capability_table = _groups_get_tablename( "capability" );
327
- // $group_capability_table = _groups_get_tablename( "group_capability" );
328
-
329
- // // capabilities select
330
- // $capabilities_select = '<select name="capability_id">';
331
- // $capabilities = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $capability_table ORDER BY capability" ) );
332
- // foreach( $capabilities as $capability ) {
333
- // $capabilities_select .= '<option value="' . esc_attr( $capability->capability_id ) . '">' . wp_filter_nohtml_kses( $capability->capability ) . '</option>';
334
- // }
335
- // $capabilities_select .= '</select>';
336
-
337
-
338
- // $output .= '<form id="groups-action" method="post" action="">';
339
-
340
- // $output .= '<div class="tablenav top">';
341
- // $output .= '<div class="alignleft">';
342
- // $output .= __( "Apply capability to selected groups:", GROUPS_PLUGIN_DOMAIN );
343
- // $output .= $capabilities_select;
344
- // $output .= '<input class="button" type="submit" name="add" value="' . __( "Add", GROUPS_PLUGIN_DOMAIN ) . '"/>';
345
- // $output .= '<input class="button" type="submit" name="remove" value="' . __( "Remove", GROUPS_PLUGIN_DOMAIN ) . '"/>';
346
- // $output .= wp_nonce_field( 'admin', GROUPS_ADMIN_CAPABILITIES_ACTION_NONCE, true, false );
347
- // $output .= '<input type="hidden" name="action" value="groups-action"/>';
348
- // $output .= '</div>'; // .alignleft
349
- // $output .= '</div>'; // .tablenav.top
350
-
351
- $output .= '
352
- <table id="" class="wp-list-table widefat fixed" cellspacing="0">
353
- <thead>
354
- <tr>
355
- ';
356
-
357
  $output .= '<th id="cb" class="manage-column column-cb check-column" scope="col"><input type="checkbox"></th>';
358
-
359
  foreach ( $column_display_names as $key => $column_display_name ) {
360
  $options = array(
361
  'orderby' => $key,
@@ -373,61 +361,61 @@ function groups_admin_capabilities() {
373
  }
374
  $output .= "<th scope='col' class='$class'>$column_display_name</th>";
375
  }
376
-
377
  $output .= '</tr>
378
  </thead>
379
  <tbody>
380
  ';
381
-
382
  if ( count( $results ) > 0 ) {
383
  for ( $i = 0; $i < count( $results ); $i++ ) {
384
-
385
  $result = $results[$i];
386
-
387
  $output .= '<tr class="' . ( $i % 2 == 0 ? 'even' : 'odd' ) . '">';
388
-
389
  $output .= '<th class="check-column">';
390
  $output .= '<input type="checkbox" value="' . esc_attr( $result->capability_id ) . '" name="capability_ids[]"/>';
391
  $output .= '</th>';
392
-
393
  $output .= "<td class='capability-id'>";
394
  $output .= $result->capability_id;
395
  $output .= "</td>";
396
  $output .= "<td class='capability'>" . stripslashes( wp_filter_nohtml_kses( $result->capability ) ) . "</td>";
397
  $output .= "<td class='description'>" . stripslashes( wp_filter_nohtml_kses( $result->description ) ) . "</td>";
398
-
399
  $output .= "<td class='edit'>";
400
  $output .= "<a href='" . esc_url( add_query_arg( 'paged', $paged, $current_url ) ) . "&action=edit&capability_id=" . $result->capability_id . "' alt='" . __( 'Edit', GROUPS_PLUGIN_DOMAIN) . "'><img src='". GROUPS_PLUGIN_URL ."images/edit.png'/></a>";
401
  $output .= "</td>";
402
-
403
  $output .= "<td class='remove'>";
404
  if ( $result->capability !== Groups_Post_Access::READ_POST_CAPABILITY ) {
405
  $output .= "<a href='" . esc_url( $current_url ) . "&action=remove&capability_id=" . $result->capability_id . "' alt='" . __( 'Remove', GROUPS_PLUGIN_DOMAIN) . "'><img src='". GROUPS_PLUGIN_URL ."images/remove.png'/></a>";
406
  }
407
  $output .= "</td>";
408
-
409
  $output .= '</tr>';
410
  }
411
  } else {
412
  $output .= '<tr><td colspan="6">' . __( 'There are no results.', GROUPS_PLUGIN_DOMAIN ) . '</td></tr>';
413
  }
414
-
415
  $output .= '</tbody>';
416
  $output .= '</table>';
417
-
418
- // $output .= '</form>'; // #groups-action
419
-
420
  if ( $paginate ) {
421
  require_once( GROUPS_CORE_LIB . '/class-groups-pagination.php' );
422
  $pagination = new Groups_Pagination($count, null, $row_count);
423
  $output .= '<div class="tablenav bottom">';
424
  $output .= $pagination->pagination( 'bottom' );
425
- $output .= '</div>';
426
  }
427
 
428
  $output .= '</div>'; // .capabilities-overview
429
  $output .= '</div>'; // .manage-capabilities
430
-
431
  echo $output;
432
  Groups_Help::footer();
433
  } // function groups_admin_capabilities()
33
  * Manage capabilities: table of capabilities and add, edit, remove actions.
34
  */
35
  function groups_admin_capabilities() {
36
+
37
  global $wpdb;
38
+
39
  $output = '';
40
  $today = date( 'Y-m-d', time() );
41
+
42
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
43
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
44
  }
64
  break;
65
  // bulk actions on groups: capabilities
66
  case 'groups-action' :
67
+ if ( wp_verify_nonce( $_POST[GROUPS_ADMIN_GROUPS_ACTION_NONCE], 'admin' ) ) {
68
+ $capability_ids = isset( $_POST['capability_ids'] ) ? $_POST['capability_ids'] : null;
69
+ $bulk = isset( $_POST['bulk'] ) ? $_POST['bulk'] : null;
70
+ if ( is_array( $capability_ids ) && ( $bulk !== null ) ) {
71
+ foreach ( $capability_ids as $capability_id ) {
72
+ $bulk_action = isset( $_POST['bulk-action'] ) ? $_POST['bulk-action'] : null;
73
+ switch( $bulk_action ) {
74
+ case 'remove' :
75
+ if ( isset( $_POST['confirm'] ) ) {
76
+ groups_admin_capabilities_bulk_remove_submit();
77
+ } else {
78
+ return groups_admin_capabilities_bulk_remove();
79
+ }
80
+ break;
81
+ }
82
+ break;
83
+ }
84
+ }
85
+ }
86
  break;
87
  }
88
  } else if ( isset ( $_GET['action'] ) ) {
115
  break;
116
  }
117
  }
118
+
119
  //
120
  // capabilities table
121
  //
128
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
129
  }
130
  }
131
+
132
  // filters
133
  $capability_id = Groups_Options::get_user_option( 'capabilities_capability_id', null );
134
  $capability = Groups_Options::get_user_option( 'capabilities_capability', null );
135
+
136
  if ( isset( $_POST['clear_filters'] ) ) {
137
  Groups_Options::delete_user_option( 'capabilities_capability_id' );
138
  Groups_Options::delete_user_option( 'capabilities_capability' );
150
  Groups_Options::update_user_option( 'capabilities_capability_id', $capability_id );
151
  } else if ( isset( $_POST['capability_id'] ) ) { // empty && isset => '' => all
152
  $capability_id = null;
153
+ Groups_Options::delete_user_option( 'capabilities_capability_id' );
154
  }
155
  }
156
+
157
  if ( isset( $_POST['row_count'] ) ) {
158
  if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_CAPABILITIES_NONCE_1], 'admin' ) ) {
159
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
160
  }
161
  }
162
+
163
  if ( isset( $_POST['paged'] ) ) {
164
  if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_CAPABILITIES_NONCE_2], 'admin' ) ) {
165
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
166
  }
167
  }
168
+
169
  $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
170
  $current_url = remove_query_arg( 'paged', $current_url );
171
  $current_url = remove_query_arg( 'action', $current_url );
172
  $current_url = remove_query_arg( 'capability_id', $current_url );
173
+
174
  $capability_table = _groups_get_tablename( 'capability' );
175
+
176
  $output .=
177
  '<div class="manage-capabilities">' .
178
  '<div>' .
180
  __( 'Capabilities', GROUPS_PLUGIN_DOMAIN ) .
181
  '</h2>' .
182
  '</div>';
183
+
184
  $output .=
185
  '<div class="manage">' .
186
  "<a title='" . __( 'Click to add a new capability', GROUPS_PLUGIN_DOMAIN ) . "' class='add button' href='" . esc_url( $current_url ) . "&action=add'><img class='icon' alt='" . __( 'Add', GROUPS_PLUGIN_DOMAIN) . "' src='". GROUPS_PLUGIN_URL . "images/add.png'/><span class='label'>" . __( 'New Capability', GROUPS_PLUGIN_DOMAIN) . "</span></a>" .
188
  '</div>';
189
 
190
  $row_count = isset( $_POST['row_count'] ) ? intval( $_POST['row_count'] ) : 0;
191
+
192
  if ($row_count <= 0) {
193
  $row_count = Groups_Options::get_user_option( 'capabilities_per_page', GROUPS_CAPABILITIES_PER_PAGE );
194
  } else {
201
  $paged = isset( $_GET['paged'] ) ? intval( $_GET['paged'] ) : 0;
202
  if ( $paged < 0 ) {
203
  $paged = 0;
204
+ }
205
+
206
  $orderby = isset( $_GET['orderby'] ) ? $_GET['orderby'] : null;
207
  switch ( $orderby ) {
208
  case 'capability_id' :
211
  default:
212
  $orderby = 'name';
213
  }
214
+
215
  $order = isset( $_GET['order'] ) ? $_GET['order'] : null;
216
  switch ( $order ) {
217
  case 'asc' :
226
  $order = 'ASC';
227
  $switch_order = 'DESC';
228
  }
229
+
230
  $filters = array();
231
  $filter_params = array();
232
  if ( $capability_id ) {
237
  $filters[] = " $capability_table.capability LIKE '%%%s%%' ";
238
  $filter_params[] = $capability;
239
  }
240
+
241
  if ( !empty( $filters ) ) {
242
  $filters = " WHERE " . implode( " AND ", $filters );
243
  } else {
244
  $filters = '';
245
  }
246
+
247
  $count_query = $wpdb->prepare( "SELECT COUNT(*) FROM $capability_table $filters", $filter_params );
248
  $count = $wpdb->get_var( $count_query );
249
  if ( $count > $row_count ) {
258
  if ( $paged != 0 ) {
259
  $offset = ( $paged - 1 ) * $row_count;
260
  }
261
+
262
  $query = $wpdb->prepare(
263
  "SELECT * FROM $capability_table
264
  $filters
266
  LIMIT $row_count OFFSET $offset",
267
  $filter_params
268
  );
269
+
270
  $results = $wpdb->get_results( $query, OBJECT );
271
 
272
  $column_display_names = array(
273
  'capability_id' => __( 'Id', GROUPS_PLUGIN_DOMAIN ),
274
  'capability' => __( 'Capability', GROUPS_PLUGIN_DOMAIN ),
275
+ 'description' => __( 'Description', GROUPS_PLUGIN_DOMAIN ),
276
  'edit' => __( 'Edit', GROUPS_PLUGIN_DOMAIN ),
277
  'remove' => __( 'Remove', GROUPS_PLUGIN_DOMAIN )
278
  );
279
+
280
  $output .= '<div class="capabilities-overview">';
281
+
282
  $output .=
283
  '<div class="filters">' .
284
  '<label class="description" for="setfilters">' . __( 'Filters', GROUPS_PLUGIN_DOMAIN ) . '</label>' .
297
  '</p>' .
298
  '</form>' .
299
  '</div>';
300
+
 
 
 
 
 
 
 
 
 
 
 
 
 
301
  if ( $paginate ) {
302
  require_once( GROUPS_CORE_LIB . '/class-groups-pagination.php' );
303
  $pagination = new Groups_Pagination( $count, null, $row_count );
310
  $output .= '</div>';
311
  $output .= '</form>';
312
  }
313
+
314
+ $output .= '<div class="page-options right">';
315
+ $output .= '<form id="setrowcount" action="" method="post">';
316
+ $output .= '<div>';
317
+ $output .= '<label for="row_count">' . __( 'Results per page', GROUPS_PLUGIN_DOMAIN ) . '</label>';
318
+ $output .= '<input name="row_count" type="text" size="2" value="' . esc_attr( $row_count ) .'" />';
319
+ $output .= wp_nonce_field( 'admin', GROUPS_ADMIN_CAPABILITIES_NONCE_1, true, false );
320
+ $output .= '<input class="button" type="submit" value="' . __( 'Apply', GROUPS_PLUGIN_DOMAIN ) . '"/>';
321
+ $output .= '</div>';
322
+ $output .= '</form>';
323
+ $output .= '</div>';
324
+
325
+ $output .= '<form id="groups-action" method="post" action="">';
326
+
327
+ $output .= '<div class="tablenav top">';
328
+ $output .= '<div class="capabilities-bulk-container">';
329
+ $output .= '<div class="alignleft actions">';
330
+ $output .= '<select name="bulk-action">';
331
+ $output .= '<option selected="selected" value="-1">' . __( "Bulk Actions", GROUPS_PLUGIN_DOMAIN ) . '</option>';
332
+ $output .= '<option value="remove">' . __( "Remove", GROUPS_PLUGIN_DOMAIN ) . '</option>';
333
+ $output .= '</select>';
334
+ $output .= '<input class="button" type="submit" name="bulk" value="' . __( "Apply", GROUPS_PLUGIN_DOMAIN ) . '"/>';
335
+ $output .= '</div>';
336
+ $output .= '</div>';
337
+ $output .= '</div>';
338
+ $output .= wp_nonce_field( 'admin', GROUPS_ADMIN_GROUPS_ACTION_NONCE, true, false );
339
+ $output .= '<input type="hidden" name="action" value="groups-action"/>';
340
+
341
+ $output .= '<table id="" class="wp-list-table widefat fixed" cellspacing="0">';
342
+ $output .= '<thead>';
343
+ $output .= '<tr>';
344
+
 
345
  $output .= '<th id="cb" class="manage-column column-cb check-column" scope="col"><input type="checkbox"></th>';
346
+
347
  foreach ( $column_display_names as $key => $column_display_name ) {
348
  $options = array(
349
  'orderby' => $key,
361
  }
362
  $output .= "<th scope='col' class='$class'>$column_display_name</th>";
363
  }
364
+
365
  $output .= '</tr>
366
  </thead>
367
  <tbody>
368
  ';
369
+
370
  if ( count( $results ) > 0 ) {
371
  for ( $i = 0; $i < count( $results ); $i++ ) {
372
+
373
  $result = $results[$i];
374
+
375
  $output .= '<tr class="' . ( $i % 2 == 0 ? 'even' : 'odd' ) . '">';
376
+
377
  $output .= '<th class="check-column">';
378
  $output .= '<input type="checkbox" value="' . esc_attr( $result->capability_id ) . '" name="capability_ids[]"/>';
379
  $output .= '</th>';
380
+
381
  $output .= "<td class='capability-id'>";
382
  $output .= $result->capability_id;
383
  $output .= "</td>";
384
  $output .= "<td class='capability'>" . stripslashes( wp_filter_nohtml_kses( $result->capability ) ) . "</td>";
385
  $output .= "<td class='description'>" . stripslashes( wp_filter_nohtml_kses( $result->description ) ) . "</td>";
386
+
387
  $output .= "<td class='edit'>";
388
  $output .= "<a href='" . esc_url( add_query_arg( 'paged', $paged, $current_url ) ) . "&action=edit&capability_id=" . $result->capability_id . "' alt='" . __( 'Edit', GROUPS_PLUGIN_DOMAIN) . "'><img src='". GROUPS_PLUGIN_URL ."images/edit.png'/></a>";
389
  $output .= "</td>";
390
+
391
  $output .= "<td class='remove'>";
392
  if ( $result->capability !== Groups_Post_Access::READ_POST_CAPABILITY ) {
393
  $output .= "<a href='" . esc_url( $current_url ) . "&action=remove&capability_id=" . $result->capability_id . "' alt='" . __( 'Remove', GROUPS_PLUGIN_DOMAIN) . "'><img src='". GROUPS_PLUGIN_URL ."images/remove.png'/></a>";
394
  }
395
  $output .= "</td>";
396
+
397
  $output .= '</tr>';
398
  }
399
  } else {
400
  $output .= '<tr><td colspan="6">' . __( 'There are no results.', GROUPS_PLUGIN_DOMAIN ) . '</td></tr>';
401
  }
402
+
403
  $output .= '</tbody>';
404
  $output .= '</table>';
405
+
406
+ $output .= '</form>'; // #groups-action
407
+
408
  if ( $paginate ) {
409
  require_once( GROUPS_CORE_LIB . '/class-groups-pagination.php' );
410
  $pagination = new Groups_Pagination($count, null, $row_count);
411
  $output .= '<div class="tablenav bottom">';
412
  $output .= $pagination->pagination( 'bottom' );
413
+ $output .= '</div>';
414
  }
415
 
416
  $output .= '</div>'; // .capabilities-overview
417
  $output .= '</div>'; // .manage-capabilities
418
+
419
  echo $output;
420
  Groups_Help::footer();
421
  } // function groups_admin_capabilities()
lib/admin/groups-admin-groups-add.php CHANGED
@@ -23,22 +23,24 @@
23
  * Show add group form.
24
  */
25
  function groups_admin_groups_add() {
26
-
27
  global $wpdb;
28
-
 
 
29
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
30
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
31
  }
32
-
33
  $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
34
  $current_url = remove_query_arg( 'paged', $current_url );
35
  $current_url = remove_query_arg( 'action', $current_url );
36
  $current_url = remove_query_arg( 'group_id', $current_url );
37
-
38
  $parent_id = isset( $_POST['parent-id-field'] ) ? $_POST['parent-id-field'] : '';
39
  $name = isset( $_POST['name-field'] ) ? $_POST['name-field'] : '';
40
  $description = isset( $_POST['description-field'] ) ? $_POST['description-field'] : '';
41
-
42
  $group_table = _groups_get_tablename( 'group' );
43
  $parent_select = '<select name="parent-id-field">';
44
  $parent_select .= '<option value="">--</option>';
@@ -47,45 +49,77 @@ function groups_admin_groups_add() {
47
  $parent_select .= '<option value="' . esc_attr( $group->group_id ) . '">' . wp_filter_nohtml_kses( $group->name ) . '</option>';
48
  }
49
  $parent_select .= '</select>';
50
-
51
- $output =
52
- '<div class="manage-groups">' .
53
- '<div>' .
54
- '<h2>' .
55
- __( 'Add a new group', GROUPS_PLUGIN_DOMAIN ) .
56
- '</h2>' .
57
- '</div>' .
58
-
59
- '<form id="add-group" action="' . $current_url . '" method="post">' .
60
- '<div class="group new">' .
61
-
62
- '<div class="field">' .
63
- '<label for="name-field" class="field-label first required">' .__( 'Name', GROUPS_PLUGIN_DOMAIN ) . '</label>' .
64
- '<input id="name-field" name="name-field" class="namefield" type="text" value="' . esc_attr( $name ) . '"/>' .
65
- '</div>' .
66
-
67
- '<div class="field">' .
68
- '<label for="parent-id-field" class="field-label">' .__( 'Parent', GROUPS_PLUGIN_DOMAIN ) . '</label>' .
69
- $parent_select .
70
- '</div>' .
71
-
72
- '<div class="field">' .
73
- '<label for="description-field" class="field-label description-field">' .__( 'Description', GROUPS_PLUGIN_DOMAIN ) . '</label>' .
74
- '<textarea id="description-field" name="description-field" rows="5" cols="45">' . wp_filter_nohtml_kses( $description ) . '</textarea>' .
75
- '</div>' .
76
-
77
- '<div class="field">' .
78
- wp_nonce_field( 'groups-add', GROUPS_ADMIN_GROUPS_NONCE, true, false ) .
79
- '<input class="button" type="submit" value="' . __( 'Add', GROUPS_PLUGIN_DOMAIN ) . '"/>' .
80
- '<input type="hidden" value="add" name="action"/>' .
81
- '<a class="cancel" href="' . $current_url . '">' . __( 'Cancel', GROUPS_PLUGIN_DOMAIN ) . '</a>' .
82
- '</div>' .
83
- '</div>' . // .group.new
84
- '</form>' .
85
- '</div>'; // .manage-groups
86
-
87
- echo $output;
88
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
89
  Groups_Help::footer();
90
  } // function groups_admin_groups_add
91
 
@@ -94,21 +128,33 @@ function groups_admin_groups_add() {
94
  * @return int new group's id or false if unsuccessful
95
  */
96
  function groups_admin_groups_add_submit() {
97
-
98
  global $wpdb;
99
-
100
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
101
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
102
  }
103
-
104
  if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_GROUPS_NONCE], 'groups-add' ) ) {
105
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
106
  }
107
-
108
  $creator_id = get_current_user_id();
109
- $datetime = date( 'Y-m-d H:i:s', time() );
110
  $parent_id = isset( $_POST['parent-id-field'] ) ? $_POST['parent-id-field'] : null;
111
  $description = isset( $_POST['description-field'] ) ? $_POST['description-field'] : '';
112
- $name = isset( $_POST['name-field'] ) ? $_POST['name-field'] : null;
113
- return Groups_Group::create( compact( "creator_id", "datetime", "parent_id", "description", "name" ) );
 
 
 
 
 
 
 
 
 
 
 
 
114
  } // function groups_admin_groups_add_submit
23
  * Show add group form.
24
  */
25
  function groups_admin_groups_add() {
26
+
27
  global $wpdb;
28
+
29
+ $output = '';
30
+
31
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
32
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
33
  }
34
+
35
  $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
36
  $current_url = remove_query_arg( 'paged', $current_url );
37
  $current_url = remove_query_arg( 'action', $current_url );
38
  $current_url = remove_query_arg( 'group_id', $current_url );
39
+
40
  $parent_id = isset( $_POST['parent-id-field'] ) ? $_POST['parent-id-field'] : '';
41
  $name = isset( $_POST['name-field'] ) ? $_POST['name-field'] : '';
42
  $description = isset( $_POST['description-field'] ) ? $_POST['description-field'] : '';
43
+
44
  $group_table = _groups_get_tablename( 'group' );
45
  $parent_select = '<select name="parent-id-field">';
46
  $parent_select .= '<option value="">--</option>';
49
  $parent_select .= '<option value="' . esc_attr( $group->group_id ) . '">' . wp_filter_nohtml_kses( $group->name ) . '</option>';
50
  }
51
  $parent_select .= '</select>';
52
+
53
+ $output .= '<div class="manage-groups">';
54
+ $output .= '<div>';
55
+ $output .= '<h2>';
56
+ $output .= __( 'Add a new group', GROUPS_PLUGIN_DOMAIN );
57
+ $output .= '</h2>';
58
+ $output .= '</div>';
59
+
60
+ $output .= '<form id="add-group" action="' . $current_url . '" method="post">';
61
+ $output .= '<div class="group new">';
62
+
63
+ $output .= '<div class="field">';
64
+ $output .= '<label for="name-field" class="field-label first required">';
65
+ $output .= __( 'Name', GROUPS_PLUGIN_DOMAIN );
66
+ $output .= '</label>';
67
+ $output .= '<input id="name-field" name="name-field" class="namefield" type="text" value="' . esc_attr( $name ) . '"/>';
68
+ $output .= '</div>';
69
+
70
+ $output .= '<div class="field">';
71
+ $output .= '<label for="parent-id-field" class="field-label">';
72
+ $output .= __( 'Parent', GROUPS_PLUGIN_DOMAIN );
73
+ $output .= '</label>';
74
+ $output .= $parent_select;
75
+ $output .= '</div>';
76
+
77
+ $output .= '<div class="field">';
78
+ $output .= '<label for="description-field" class="field-label description-field">';
79
+ $output .= __( 'Description', GROUPS_PLUGIN_DOMAIN );
80
+ $output .= '</label>';
81
+ $output .= '<textarea id="description-field" name="description-field" rows="5" cols="45">';
82
+ $output .= wp_filter_nohtml_kses( $description );
83
+ $output .= '</textarea>';
84
+ $output .= '</div>';
85
+
86
+ $output .= '<div class="field">';
87
+
88
+ $capability_table = _groups_get_tablename( "capability" );
89
+ $capabilities = $wpdb->get_results( "SELECT * FROM $capability_table ORDER BY capability" );
90
+
91
+ $output .= '<div class="select-capability-container" style="width:62%;">';
92
+ $output .= '<label>';
93
+ $output .= __( 'Capabilities', GROUPS_PLUGIN_DOMAIN );
94
+ $output .= sprintf(
95
+ '<select class="select capability" name="capability_ids[]" multiple="multiple" placeholder="%s">',
96
+ __( 'Choose capabilities &hellip;', GROUPS_PLUGIN_DOMAIN )
97
+ );
98
+ foreach( $capabilities as $capability ) {
99
+ $output .= sprintf( '<option value="%s">%s</option>', esc_attr( $capability->capability_id ), wp_filter_nohtml_kses( $capability->capability ) );
100
+ }
101
+ $output .= '</select>';
102
+ $output .= '</label>';
103
+ $output .= '</div>';
104
+ $output .= '<p class="description">';
105
+ $output .= __( 'These capabilities will be assigned to the group.', GROUPS_PLUGIN_DOMAIN );
106
+ $output .= '</p>';
107
+
108
+ $output .= Groups_UIE::render_select( '.select.capability' );
109
+ $output .= '</div>';
110
+
111
+ $output .= '<div class="field">';
112
+ $output .= wp_nonce_field( 'groups-add', GROUPS_ADMIN_GROUPS_NONCE, true, false );
113
+ $output .= '<input class="button" type="submit" value="' . __( 'Add', GROUPS_PLUGIN_DOMAIN ) . '"/>';
114
+ $output .= '<input type="hidden" value="add" name="action"/>';
115
+ $output .= '<a class="cancel" href="' . $current_url . '">' . __( 'Cancel', GROUPS_PLUGIN_DOMAIN ) . '</a>';
116
+ $output .= '</div>';
117
+ $output .= '</div>'; // .group.new
118
+ $output .= '</form>';
119
+ $output .= '</div>'; // .manage-groups
120
+
121
+ echo $output;
122
+
123
  Groups_Help::footer();
124
  } // function groups_admin_groups_add
125
 
128
  * @return int new group's id or false if unsuccessful
129
  */
130
  function groups_admin_groups_add_submit() {
131
+
132
  global $wpdb;
133
+
134
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
135
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
136
  }
137
+
138
  if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_GROUPS_NONCE], 'groups-add' ) ) {
139
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
140
  }
141
+
142
  $creator_id = get_current_user_id();
143
+ $datetime = date( 'Y-m-d H:i:s', time() );
144
  $parent_id = isset( $_POST['parent-id-field'] ) ? $_POST['parent-id-field'] : null;
145
  $description = isset( $_POST['description-field'] ) ? $_POST['description-field'] : '';
146
+ $name = isset( $_POST['name-field'] ) ? $_POST['name-field'] : null;
147
+
148
+ $group_id = Groups_Group::create( compact( "creator_id", "datetime", "parent_id", "description", "name" ) );
149
+
150
+ if ( $group_id ) {
151
+ if ( !empty( $_POST['capability_ids'] ) ) {
152
+ $caps = $_POST['capability_ids'];
153
+ foreach( $caps as $cap ) {
154
+ Groups_Group_Capability::create( array( 'group_id' => $group_id, 'capability_id' => $cap ) );
155
+ }
156
+ }
157
+ }
158
+
159
+ return $group_id;
160
  } // function groups_admin_groups_add_submit
lib/admin/groups-admin-groups-edit.php CHANGED
@@ -24,27 +24,29 @@
24
  * @param int $group_id group id
25
  */
26
  function groups_admin_groups_edit( $group_id ) {
27
-
28
  global $wpdb;
29
-
 
 
30
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
31
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
32
  }
33
-
34
  $group = Groups_Group::read( intval( $group_id ) );
35
-
36
  if ( empty( $group ) ) {
37
  wp_die( __( 'No such group.', GROUPS_PLUGIN_DOMAIN ) );
38
  }
39
-
40
  $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
41
  $current_url = remove_query_arg( 'action', $current_url );
42
  $current_url = remove_query_arg( 'group_id', $current_url );
43
-
44
  $name = isset( $_POST['name-field'] ) ? $_POST['name-field'] : $group->name;
45
  $description = isset( $_POST['description-field'] ) ? $_POST['description-field'] : $group->description;
46
  $parent_id = isset( $_POST['parent-id-field'] ) ? $_POST['parent-id-field'] : $group->parent_id;
47
-
48
  $group_table = _groups_get_tablename( 'group' );
49
  $parent_select = '<select name="parent-id-field">';
50
  $parent_select .= '<option value="">--</option>';
@@ -54,48 +56,90 @@ function groups_admin_groups_edit( $group_id ) {
54
  $parent_select .= '<option ' . $selected . 'value="' . esc_attr( $g->group_id ) . '">' . wp_filter_nohtml_kses( $g->name ) . '</option>';
55
  }
56
  $parent_select .= '</select>';
57
-
58
  $name_readonly = ( $name !== Groups_Registered::REGISTERED_GROUP_NAME ) ? "" : ' readonly="readonly" ';
59
-
60
- $output =
61
- '<div class="manage-groups">' .
62
- '<div>' .
63
- '<h2>' .
64
- __( 'Edit a group', GROUPS_PLUGIN_DOMAIN ) .
65
- '</h2>' .
66
- '</div>' .
67
-
68
- '<form id="edit-group" action="' . $current_url . '" method="post">' .
69
- '<div class="group edit">' .
70
- '<input id="group-id-field" name="group-id-field" type="hidden" value="' . esc_attr( intval( $group_id ) ) . '"/>' .
71
-
72
- '<div class="field">' .
73
- '<label for="name-field" class="field-label first required">' .__( 'Name', GROUPS_PLUGIN_DOMAIN ) . '</label>' .
74
- '<input ' . $name_readonly . ' id="name-field" name="name-field" class="namefield" type="text" value="' . esc_attr( $name ) . '"/>' .
75
- '</div>' .
76
-
77
- '<div class="field">' .
78
- '<label for="parent-id-field" class="field-label">' .__( 'Parent', GROUPS_PLUGIN_DOMAIN ) . '</label>' .
79
- $parent_select .
80
- '</div>' .
81
-
82
- '<div class="field">' .
83
- '<label for="description-field" class="field-label description-field">' .__( 'Description', GROUPS_PLUGIN_DOMAIN ) . '</label>' .
84
- '<textarea id="description-field" name="description-field" rows="5" cols="45">' . wp_filter_nohtml_kses( $description ) . '</textarea>' .
85
- '</div>' .
86
-
87
- '<div class="field">' .
88
- wp_nonce_field( 'groups-edit', GROUPS_ADMIN_GROUPS_NONCE, true, false ) .
89
- '<input class="button" type="submit" value="' . __( 'Save', GROUPS_PLUGIN_DOMAIN ) . '"/>' .
90
- '<input type="hidden" value="edit" name="action"/>' .
91
- '<a class="cancel" href="' . $current_url . '">' . __( 'Cancel', GROUPS_PLUGIN_DOMAIN ) . '</a>' .
92
- '</div>' .
93
- '</div>' . // .group.edit
94
- '</form>' .
95
- '</div>'; // .manage-groups
96
-
97
- echo $output;
98
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
99
  Groups_Help::footer();
100
  } // function groups_admin_groups_edit
101
 
@@ -103,29 +147,61 @@ function groups_admin_groups_edit( $group_id ) {
103
  * Handle edit form submission.
104
  */
105
  function groups_admin_groups_edit_submit() {
106
-
 
107
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
108
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
109
  }
110
-
111
  if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_GROUPS_NONCE], 'groups-edit' ) ) {
112
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
113
  }
114
-
115
  $group_id = isset( $_POST['group-id-field'] ) ? $_POST['group-id-field'] : null;
116
  $group = Groups_Group::read( $group_id );
117
  if ( $group ) {
118
- $group_id = $group->group_id;
119
  if ( $group->name !== Groups_Registered::REGISTERED_GROUP_NAME ) {
120
- $name = isset( $_POST['name-field'] ) ? $_POST['name-field'] : null;
121
  } else {
122
  $name = Groups_Registered::REGISTERED_GROUP_NAME;
123
  }
124
  $parent_id = isset( $_POST['parent-id-field'] ) ? $_POST['parent-id-field'] : null;
125
  $description = isset( $_POST['description-field'] ) ? $_POST['description-field'] : '';
126
- return Groups_Group::update( compact( "group_id", "name", "parent_id", "description" ) );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
127
  } else {
128
  return false;
129
  }
130
-
131
  } // function groups_admin_groups_edit_submit
24
  * @param int $group_id group id
25
  */
26
  function groups_admin_groups_edit( $group_id ) {
27
+
28
  global $wpdb;
29
+
30
+ $output = '';
31
+
32
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
33
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
34
  }
35
+
36
  $group = Groups_Group::read( intval( $group_id ) );
37
+
38
  if ( empty( $group ) ) {
39
  wp_die( __( 'No such group.', GROUPS_PLUGIN_DOMAIN ) );
40
  }
41
+
42
  $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
43
  $current_url = remove_query_arg( 'action', $current_url );
44
  $current_url = remove_query_arg( 'group_id', $current_url );
45
+
46
  $name = isset( $_POST['name-field'] ) ? $_POST['name-field'] : $group->name;
47
  $description = isset( $_POST['description-field'] ) ? $_POST['description-field'] : $group->description;
48
  $parent_id = isset( $_POST['parent-id-field'] ) ? $_POST['parent-id-field'] : $group->parent_id;
49
+
50
  $group_table = _groups_get_tablename( 'group' );
51
  $parent_select = '<select name="parent-id-field">';
52
  $parent_select .= '<option value="">--</option>';
56
  $parent_select .= '<option ' . $selected . 'value="' . esc_attr( $g->group_id ) . '">' . wp_filter_nohtml_kses( $g->name ) . '</option>';
57
  }
58
  $parent_select .= '</select>';
59
+
60
  $name_readonly = ( $name !== Groups_Registered::REGISTERED_GROUP_NAME ) ? "" : ' readonly="readonly" ';
61
+
62
+ $output .= '<div class="manage-groups">';
63
+ $output .= '<div>';
64
+ $output .= '<h2>';
65
+ $output .= __( 'Edit a group', GROUPS_PLUGIN_DOMAIN );
66
+ $output .= '</h2>';
67
+ $output .= '</div>';
68
+
69
+ $output .= '<form id="edit-group" action="' . $current_url . '" method="post">';
70
+ $output .= '<div class="group edit">';
71
+ $output .= '<input id="group-id-field" name="group-id-field" type="hidden" value="' . esc_attr( intval( $group_id ) ) . '"/>';
72
+
73
+ $output .= '<div class="field">';
74
+ $output .= '<label for="name-field" class="field-label first required">';
75
+ $output .= __( 'Name', GROUPS_PLUGIN_DOMAIN );
76
+ $output .= '</label>';
77
+ $output .= '<input ' . $name_readonly . ' id="name-field" name="name-field" class="namefield" type="text" value="' . esc_attr( $name ) . '"/>';
78
+ $output .= '</div>';
79
+
80
+ $output .= '<div class="field">';
81
+ $output .= '<label for="parent-id-field" class="field-label">';
82
+ $output .= __( 'Parent', GROUPS_PLUGIN_DOMAIN );
83
+ $output .= '</label>';
84
+ $output .= $parent_select;
85
+ $output .= '</div>';
86
+
87
+ $output .= '<div class="field">';
88
+ $output .= '<label for="description-field" class="field-label description-field">';
89
+ $output .= __( 'Description', GROUPS_PLUGIN_DOMAIN );
90
+ $output .= '</label>';
91
+ $output .= '<textarea id="description-field" name="description-field" rows="5" cols="45">';
92
+ $output .= wp_filter_nohtml_kses( $description );
93
+ $output .= '</textarea>';
94
+ $output .= '</div>';
95
+
96
+ $capability_table = _groups_get_tablename( 'capability' );
97
+ $group_capability_table = _groups_get_tablename( 'group_capability' );
98
+ $group_capabilities = $wpdb->get_results( $wpdb->prepare(
99
+ "SELECT * FROM $capability_table WHERE capability_id IN ( SELECT capability_id FROM $group_capability_table WHERE group_id = %d )",
100
+ Groups_Utility::id( $group_id )
101
+ ) );
102
+ $group_capabilities_array = array();
103
+ if ( count( $group_capabilities ) > 0 ) {
104
+ foreach ( $group_capabilities as $group_capability ) {
105
+ $group_capabilities_array[] = $group_capability->capability_id;
106
+ }
107
+ }
108
+ $capabilities = $wpdb->get_results( "SELECT * FROM $capability_table ORDER BY capability" );
109
+
110
+ $output .= '<div class="field">';
111
+ $output .= '<div class="select-capability-container" style="width:62%;">';
112
+ $output .= '<label>';
113
+ $output .= __( 'Capabilities', GROUPS_PLUGIN_DOMAIN );
114
+ $output .= sprintf(
115
+ '<select class="select capability" name="capability_ids[]" multiple="multiple" placeholder="%s">',
116
+ __( 'Choose capabilities &hellip;', GROUPS_PLUGIN_DOMAIN )
117
+ );
118
+ foreach( $capabilities as $capability ) {
119
+ $selected = in_array( $capability->capability_id, $group_capabilities_array ) ? ' selected="selected" ' : '';
120
+ $output .= sprintf( '<option value="%s" %s>%s</option>', esc_attr( $capability->capability_id ), $selected, wp_filter_nohtml_kses( $capability->capability ) );
121
+ }
122
+ $output .= '</select>';
123
+ $output .= '</label>';
124
+ $output .= '</div>'; // .select-capability-container
125
+ $output .= '<p class="description">';
126
+ $output .= __( 'The chosen capabilities are assigned to the group.', GROUPS_PLUGIN_DOMAIN );
127
+ $output .= '</p>';
128
+ $output .= '</div>'; // .field
129
+ $output .= Groups_UIE::render_select( '.select.capability' );
130
+
131
+ $output .= '<div class="field">';
132
+ $output .= wp_nonce_field( 'groups-edit', GROUPS_ADMIN_GROUPS_NONCE, true, false );
133
+ $output .= '<input class="button" type="submit" value="' . __( 'Save', GROUPS_PLUGIN_DOMAIN ) . '"/>';
134
+ $output .= '<input type="hidden" value="edit" name="action"/>';
135
+ $output .= '<a class="cancel" href="' . $current_url . '">' . __( 'Cancel', GROUPS_PLUGIN_DOMAIN ) . '</a>';
136
+ $output .= '</div>';
137
+ $output .= '</div>'; // .group.edit
138
+ $output .= '</form>';
139
+ $output .= '</div>'; // .manage-groups
140
+
141
+ echo $output;
142
+
143
  Groups_Help::footer();
144
  } // function groups_admin_groups_edit
145
 
147
  * Handle edit form submission.
148
  */
149
  function groups_admin_groups_edit_submit() {
150
+ global $wpdb;
151
+
152
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
153
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
154
  }
155
+
156
  if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_GROUPS_NONCE], 'groups-edit' ) ) {
157
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
158
  }
159
+
160
  $group_id = isset( $_POST['group-id-field'] ) ? $_POST['group-id-field'] : null;
161
  $group = Groups_Group::read( $group_id );
162
  if ( $group ) {
163
+ $group_id = $group->group_id;
164
  if ( $group->name !== Groups_Registered::REGISTERED_GROUP_NAME ) {
165
+ $name = isset( $_POST['name-field'] ) ? $_POST['name-field'] : null;
166
  } else {
167
  $name = Groups_Registered::REGISTERED_GROUP_NAME;
168
  }
169
  $parent_id = isset( $_POST['parent-id-field'] ) ? $_POST['parent-id-field'] : null;
170
  $description = isset( $_POST['description-field'] ) ? $_POST['description-field'] : '';
171
+ $group_id = Groups_Group::update( compact( "group_id", "name", "parent_id", "description" ) );
172
+
173
+ if ( $group_id ) {
174
+ $capability_table = _groups_get_tablename( "capability" );
175
+ $group_capability_table = _groups_get_tablename( "group_capability" );
176
+ $group_capabilities = $wpdb->get_results( $wpdb->prepare(
177
+ "SELECT * FROM $capability_table WHERE capability_id IN ( SELECT capability_id FROM $group_capability_table WHERE group_id = %d )",
178
+ Groups_Utility::id( $group_id )
179
+ ) );
180
+ $group_capabilities_array = array();
181
+ foreach ( $group_capabilities as $group_capability ) {
182
+ $group_capabilities_array[] = $group_capability->capability_id;
183
+ }
184
+
185
+ $caps = array();
186
+ if ( isset( $_POST['capability_ids'] ) ) {
187
+ $caps = $_POST['capability_ids'];
188
+ }
189
+ // delete
190
+ foreach( $group_capabilities_array as $group_cap ) {
191
+ if ( !in_array( $group_cap, $caps ) ) {
192
+ Groups_Group_Capability::delete( $group_id, $group_cap );
193
+ }
194
+ }
195
+ // add
196
+ foreach( $caps as $cap ) {
197
+ if ( !in_array( $cap, $group_capabilities_array ) ) {
198
+ Groups_Group_Capability::create( array( 'group_id' => $group_id, 'capability_id' => $cap ) );
199
+ }
200
+ }
201
+ }
202
+ return $group_id;
203
  } else {
204
  return false;
205
  }
206
+
207
  } // function groups_admin_groups_edit_submit
lib/admin/groups-admin-groups-remove.php CHANGED
@@ -46,9 +46,9 @@ function groups_admin_groups_remove( $group_id ) {
46
  $output =
47
  '<div class="manage-groups">' .
48
  '<div>' .
49
- '<h2>' .
50
- __( 'Remove a group', GROUPS_PLUGIN_DOMAIN ) .
51
- '</h2>' .
52
  '</div>' .
53
  '<form id="remove-group" action="' . $current_url . '" method="post">' .
54
  '<div class="group remove">' .
@@ -96,4 +96,108 @@ function groups_admin_groups_remove_submit() {
96
  }
97
  return $result;
98
  } // function groups_admin_groups_remove_submit
99
- ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
46
  $output =
47
  '<div class="manage-groups">' .
48
  '<div>' .
49
+ '<h2>' .
50
+ __( 'Remove a group', GROUPS_PLUGIN_DOMAIN ) .
51
+ '</h2>' .
52
  '</div>' .
53
  '<form id="remove-group" action="' . $current_url . '" method="post">' .
54
  '<div class="group remove">' .
96
  }
97
  return $result;
98
  } // function groups_admin_groups_remove_submit
99
+
100
+ /**
101
+ * Shows form to confirm bulk-removal of groups.
102
+ */
103
+ function groups_admin_groups_bulk_remove() {
104
+
105
+ global $wpdb;
106
+
107
+ $output = '';
108
+
109
+ if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
110
+ wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
111
+ }
112
+
113
+ $group_ids = isset( $_POST['group_ids'] ) ? $_POST['group_ids'] : null;
114
+
115
+ if ( ! $group_ids ) {
116
+ wp_die( __( 'No such groups.', GROUPS_PLUGIN_DOMAIN ) );
117
+ }
118
+
119
+ $groups = array();
120
+ foreach ( $group_ids as $group_id ) {
121
+ $group = Groups_Group::read( intval( $group_id ) );
122
+ if ( $group ) {
123
+ $groups[] = $group;
124
+ }
125
+ }
126
+
127
+ $group_table = _groups_get_tablename( 'group' );
128
+
129
+ $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
130
+ $current_url = remove_query_arg( 'action', $current_url );
131
+ $current_url = remove_query_arg( 'group_id', $current_url );
132
+
133
+ $output .= '<div class="manage-groups">';
134
+ $output .= '<div>';
135
+ $output .= '<h2>';
136
+ $output .= __( 'Remove groups', GROUPS_PLUGIN_DOMAIN );
137
+ $output .= '</h2>';
138
+ $output .= '</div>';
139
+
140
+ $output .= '<form id="groups-action" method="post" action="">';
141
+ $output .= '<div class="group remove">';
142
+
143
+ $output .= '<p>';
144
+ $output .= __( 'Please confirm removal of the following groups. This action cannot be undone.', GROUPS_PLUGIN_DOMAIN );
145
+ $output .= '</p>';
146
+
147
+ foreach ( $groups as $group ) {
148
+ $output .= '<input id="group_ids" name="group_ids[]" type="hidden" value="' . esc_attr( intval( $group->group_id ) ) . '"/>';
149
+ $output .= '<ul>';
150
+ $output .= '<li>';
151
+ $output .= sprintf( __( '<strong>%s</strong>', GROUPS_PLUGIN_DOMAIN ), wp_filter_nohtml_kses( $group->name ) );
152
+ $output .= '</li>';
153
+ $output .= '</ul>';
154
+ }
155
+ $output .= '<input class="button" type="submit" name="bulk" value="' . __( "Remove", GROUPS_PLUGIN_DOMAIN ) . '"/>';
156
+ $output .= '<a class="cancel" href="' . $current_url . '">' . __( 'Cancel', GROUPS_PLUGIN_DOMAIN ) . '</a>';
157
+
158
+ $output .= '<input type="hidden" name="action" value="groups-action"/>';
159
+ $output .= '<input type="hidden" name="bulk-action" value="remove-group"/>';
160
+ $output .= '<input type="hidden" name="confirm" value="1"/>';
161
+ $output .= wp_nonce_field( 'admin', GROUPS_ADMIN_GROUPS_ACTION_NONCE, true, false );
162
+
163
+ $output .= '</div>';
164
+ $output .= '</form>';
165
+ $output .= '</div>';
166
+
167
+ echo $output;
168
+
169
+ Groups_Help::footer();
170
+ } // function groups_admin_groups_bulk_remove
171
+
172
+ /**
173
+ * Handle remove form submission.
174
+ * @return array of deleted groups' ids
175
+ */
176
+ function groups_admin_groups_bulk_remove_submit() {
177
+ global $wpdb;
178
+
179
+ $result = array();
180
+ if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
181
+ wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
182
+ }
183
+
184
+ if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_GROUPS_ACTION_NONCE], 'admin' ) ) {
185
+ wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
186
+ }
187
+
188
+ $group_ids = isset( $_POST['group_ids'] ) ? $_POST['group_ids'] : null;
189
+ if ( $group_ids ) {
190
+ foreach ( $group_ids as $group_id ) {
191
+ $group = Groups_Group::read( $group_id );
192
+ if ( $group ) {
193
+ if ( $group->name !== Groups_Registered::REGISTERED_GROUP_NAME ) {
194
+ if ( Groups_Group::delete( $group_id ) ) {
195
+ $result[] = $group->group_id;
196
+ }
197
+ }
198
+ }
199
+ }
200
+ }
201
+
202
+ return $result;
203
+ } // function groups_admin_groups_bulk_remove_submit
lib/admin/groups-admin-groups.php CHANGED
@@ -35,12 +35,12 @@ require_once( GROUPS_ADMIN_LIB . '/groups-admin-groups-remove.php');
35
  * Manage Groups: table of groups and add, edit, remove actions.
36
  */
37
  function groups_admin_groups() {
38
-
39
  global $wpdb;
40
-
41
  $output = '';
42
  $today = date( 'Y-m-d', time() );
43
-
44
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
45
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
46
  }
@@ -64,25 +64,40 @@ function groups_admin_groups() {
64
  case 'remove' :
65
  groups_admin_groups_remove_submit();
66
  break;
67
- // bulk actions on groups: capabilities
68
  case 'groups-action' :
69
  if ( wp_verify_nonce( $_POST[GROUPS_ADMIN_GROUPS_ACTION_NONCE], 'admin' ) ) {
70
  $group_ids = isset( $_POST['group_ids'] ) ? $_POST['group_ids'] : null;
71
- $subaction = null;
72
- if ( isset( $_POST['add'] ) ) {
73
- $subaction = 'add';
74
- } else if ( isset( $_POST['remove'] ) ) {
75
- $subaction = 'remove';
76
  }
77
- $capability_id = isset( $_POST['capability_id'] ) ? $_POST['capability_id'] : null;
78
- if ( is_array( $group_ids ) && ( $subaction !== null ) && ( $capability_id !== null ) ) {
79
  foreach ( $group_ids as $group_id ) {
80
- switch ( $subaction ) {
81
- case 'add' :
82
- Groups_Group_Capability::create( array( 'group_id' => $group_id, 'capability_id' => $capability_id ) );
 
 
 
 
 
 
 
 
 
 
 
 
 
83
  break;
84
- case 'remove' :
85
- Groups_Group_Capability::delete( $group_id, $capability_id );
 
 
 
 
 
86
  break;
87
  }
88
  }
@@ -108,7 +123,7 @@ function groups_admin_groups() {
108
  break;
109
  }
110
  }
111
-
112
  //
113
  // group table
114
  //
@@ -121,11 +136,11 @@ function groups_admin_groups() {
121
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
122
  }
123
  }
124
-
125
  // filters
126
  $group_id = Groups_Options::get_user_option( 'groups_group_id', null );
127
  $group_name = Groups_Options::get_user_option( 'groups_group_name', null );
128
-
129
  if ( isset( $_POST['clear_filters'] ) ) {
130
  Groups_Options::delete_user_option( 'groups_group_id' );
131
  Groups_Options::delete_user_option( 'groups_group_name' );
@@ -143,29 +158,29 @@ function groups_admin_groups() {
143
  Groups_Options::update_user_option( 'groups_group_id', $group_id );
144
  } else if ( isset( $_POST['group_id'] ) ) { // empty && isset => '' => all
145
  $group_id = null;
146
- Groups_Options::delete_user_option( 'groups_group_id' );
147
  }
148
  }
149
-
150
  if ( isset( $_POST['row_count'] ) ) {
151
  if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_GROUPS_NONCE_1], 'admin' ) ) {
152
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
153
  }
154
  }
155
-
156
  if ( isset( $_POST['paged'] ) ) {
157
  if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_GROUPS_NONCE_2], 'admin' ) ) {
158
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
159
  }
160
  }
161
-
162
  $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
163
  $current_url = remove_query_arg( 'paged', $current_url );
164
  $current_url = remove_query_arg( 'action', $current_url );
165
  $current_url = remove_query_arg( 'group_id', $current_url );
166
-
167
  $group_table = _groups_get_tablename( 'group' );
168
-
169
  $output .=
170
  '<div class="manage-groups">' .
171
  '<div>' .
@@ -173,14 +188,14 @@ function groups_admin_groups() {
173
  __( 'Groups', GROUPS_PLUGIN_DOMAIN ) .
174
  '</h2>' .
175
  '</div>';
176
-
177
  $output .=
178
  '<div class="manage">' .
179
  "<a title='" . __( 'Click to add a new group', GROUPS_PLUGIN_DOMAIN ) . "' class='add button' href='" . esc_url( $current_url ) . "&action=add'><img class='icon' alt='" . __( 'Add', GROUPS_PLUGIN_DOMAIN) . "' src='". GROUPS_PLUGIN_URL ."images/add.png'/><span class='label'>" . __( 'New Group', GROUPS_PLUGIN_DOMAIN) . "</span></a>" .
180
  '</div>';
181
 
182
  $row_count = isset( $_POST['row_count'] ) ? intval( $_POST['row_count'] ) : 0;
183
-
184
  if ($row_count <= 0) {
185
  $row_count = Groups_Options::get_user_option( 'groups_per_page', GROUPS_GROUPS_PER_PAGE );
186
  } else {
@@ -194,7 +209,7 @@ function groups_admin_groups() {
194
  if ( $paged < 0 ) {
195
  $paged = 0;
196
  }
197
-
198
  $orderby = isset( $_GET['orderby'] ) ? $_GET['orderby'] : null;
199
  switch ( $orderby ) {
200
  case 'group_id' :
@@ -203,7 +218,7 @@ function groups_admin_groups() {
203
  default:
204
  $orderby = 'name';
205
  }
206
-
207
  $order = isset( $_GET['order'] ) ? $_GET['order'] : null;
208
  switch ( $order ) {
209
  case 'asc' :
@@ -218,7 +233,7 @@ function groups_admin_groups() {
218
  $order = 'ASC';
219
  $switch_order = 'DESC';
220
  }
221
-
222
  $filters = array();
223
  $filter_params = array();
224
  if ( $group_id ) {
@@ -229,13 +244,13 @@ function groups_admin_groups() {
229
  $filters[] = " $group_table.name LIKE '%%%s%%' ";
230
  $filter_params[] = $group_name;
231
  }
232
-
233
  if ( !empty( $filters ) ) {
234
  $filters = " WHERE " . implode( " AND ", $filters );
235
  } else {
236
  $filters = '';
237
  }
238
-
239
  $count_query = $wpdb->prepare( "SELECT COUNT(*) FROM $group_table $filters", $filter_params );
240
  $count = $wpdb->get_var( $count_query );
241
  if ( $count > $row_count ) {
@@ -250,7 +265,7 @@ function groups_admin_groups() {
250
  if ( $paged != 0 ) {
251
  $offset = ( $paged - 1 ) * $row_count;
252
  }
253
-
254
  $query = $wpdb->prepare(
255
  "SELECT * FROM $group_table
256
  $filters
@@ -258,20 +273,20 @@ function groups_admin_groups() {
258
  LIMIT $row_count OFFSET $offset",
259
  $filter_params
260
  );
261
-
262
  $results = $wpdb->get_results( $query, OBJECT );
263
 
264
  $column_display_names = array(
265
  'group_id' => __( 'Id', GROUPS_PLUGIN_DOMAIN ),
266
  'name' => __( 'Group', GROUPS_PLUGIN_DOMAIN ),
267
  'description' => __( 'Description', GROUPS_PLUGIN_DOMAIN ),
268
- 'capabilities' => __( 'Capabilities', GROUPS_PLUGIN_DOMAIN ),
269
  'edit' => __( 'Edit', GROUPS_PLUGIN_DOMAIN ),
270
  'remove' => __( 'Remove', GROUPS_PLUGIN_DOMAIN )
271
  );
272
-
273
  $output .= '<div class="groups-overview">';
274
-
275
  $output .=
276
  '<div class="filters">' .
277
  '<label class="description" for="setfilters">' . __( 'Filters', GROUPS_PLUGIN_DOMAIN ) . '</label>' .
@@ -290,20 +305,7 @@ function groups_admin_groups() {
290
  '</p>' .
291
  '</form>' .
292
  '</div>';
293
-
294
- $output .= '
295
- <div class="page-options">
296
- <form id="setrowcount" action="" method="post">
297
- <div>
298
- <label for="row_count">' . __('Results per page', GROUPS_PLUGIN_DOMAIN ) . '</label>' .
299
- '<input name="row_count" type="text" size="2" value="' . esc_attr( $row_count ) .'" />
300
- ' . wp_nonce_field( 'admin', GROUPS_ADMIN_GROUPS_NONCE_1, true, false ) . '
301
- <input class="button" type="submit" value="' . __( 'Apply', GROUPS_PLUGIN_DOMAIN ) . '"/>
302
- </div>
303
- </form>
304
- </div>
305
- ';
306
-
307
  if ( $paginate ) {
308
  require_once( GROUPS_CORE_LIB . '/class-groups-pagination.php' );
309
  $pagination = new Groups_Pagination( $count, null, $row_count );
@@ -316,41 +318,60 @@ function groups_admin_groups() {
316
  $output .= '</div>';
317
  $output .= '</form>';
318
  }
319
-
320
-
 
 
 
 
 
 
 
 
 
 
321
  $capability_table = _groups_get_tablename( "capability" );
322
  $group_capability_table = _groups_get_tablename( "group_capability" );
323
-
324
  // capabilities select
325
- $capabilities_select = '<select name="capability_id">';
326
  $capabilities = $wpdb->get_results( "SELECT * FROM $capability_table ORDER BY capability" );
 
 
 
 
 
327
  foreach( $capabilities as $capability ) {
328
- $capabilities_select .= '<option value="' . esc_attr( $capability->capability_id ) . '">' . wp_filter_nohtml_kses( $capability->capability ) . '</option>';
329
  }
330
  $capabilities_select .= '</select>';
331
-
332
-
333
  $output .= '<form id="groups-action" method="post" action="">';
334
-
335
  $output .= '<div class="tablenav top">';
336
- $output .= '<div class="alignleft">';
337
- $output .= __( "Apply capability to selected groups:", GROUPS_PLUGIN_DOMAIN );
 
338
  $output .= $capabilities_select;
339
- $output .= '<input class="button" type="submit" name="add" value="' . __( "Add", GROUPS_PLUGIN_DOMAIN ) . '"/>';
340
- $output .= '<input class="button" type="submit" name="remove" value="' . __( "Remove", GROUPS_PLUGIN_DOMAIN ) . '"/>';
341
  $output .= wp_nonce_field( 'admin', GROUPS_ADMIN_GROUPS_ACTION_NONCE, true, false );
 
 
 
 
 
 
 
 
342
  $output .= '<input type="hidden" name="action" value="groups-action"/>';
343
- $output .= '</div>'; // .alignleft
344
- $output .= '</div>'; // .tablenav.top
345
-
346
- $output .= '
347
- <table id="" class="wp-list-table widefat fixed" cellspacing="0">
348
- <thead>
349
- <tr>
350
- ';
351
-
352
  $output .= '<th id="cb" class="manage-column column-cb check-column" scope="col"><input type="checkbox"></th>';
353
-
354
  foreach ( $column_display_names as $key => $column_display_name ) {
355
  $options = array(
356
  'orderby' => $key,
@@ -368,29 +389,28 @@ function groups_admin_groups() {
368
  }
369
  $output .= "<th scope='col' class='$class'>$column_display_name</th>";
370
  }
371
-
372
- $output .= '</tr>
373
- </thead>
374
- <tbody>
375
- ';
376
-
377
  if ( count( $results ) > 0 ) {
378
  for ( $i = 0; $i < count( $results ); $i++ ) {
379
-
380
  $result = $results[$i];
381
-
382
  $output .= '<tr class="' . ( $i % 2 == 0 ? 'even' : 'odd' ) . '">';
383
-
384
  $output .= '<th class="check-column">';
385
  $output .= '<input type="checkbox" value="' . esc_attr( $result->group_id ) . '" name="group_ids[]"/>';
386
  $output .= '</th>';
387
-
388
  $output .= "<td class='group-id'>";
389
  $output .= $result->group_id;
390
  $output .= "</td>";
391
  $output .= "<td class='group-name'>" . stripslashes( wp_filter_nohtml_kses( $result->name ) ) . "</td>";
392
  $output .= "<td class='group-description'>" . stripslashes( wp_filter_nohtml_kses( $result->description ) ) . "</td>";
393
-
394
  $output .= '<td class="capabilities">';
395
  $group_capabilities = $wpdb->get_results( $wpdb->prepare(
396
  "SELECT * FROM $capability_table WHERE capability_id IN ( SELECT capability_id FROM $group_capability_table WHERE group_id = %d )",
@@ -406,40 +426,40 @@ function groups_admin_groups() {
406
  $output .= __( 'This group has no capabilities.', GROUPS_PLUGIN_DOMAIN );
407
  }
408
  $output .= '</td>';
409
-
410
  $output .= "<td class='edit'>";
411
  $output .= "<a href='" . esc_url( add_query_arg( 'paged', $paged, $current_url ) ) . "&action=edit&group_id=" . $result->group_id . "' alt='" . __( 'Edit', GROUPS_PLUGIN_DOMAIN) . "'><img src='". GROUPS_PLUGIN_URL ."images/edit.png'/></a>";
412
  $output .= "</td>";
413
-
414
  $output .= "<td class='remove'>";
415
  if ( $result->name !== Groups_Registered::REGISTERED_GROUP_NAME ) {
416
  $output .= "<a href='" . esc_url( $current_url ) . "&action=remove&group_id=" . $result->group_id . "' alt='" . __( 'Remove', GROUPS_PLUGIN_DOMAIN) . "'><img src='". GROUPS_PLUGIN_URL ."images/remove.png'/></a>";
417
  }
418
  $output .= "</td>";
419
-
420
  $output .= '</tr>';
421
  }
422
  } else {
423
  $output .= '<tr><td colspan="7">' . __( 'There are no results.', GROUPS_PLUGIN_DOMAIN ) . '</td></tr>';
424
  }
425
-
426
  $output .= '</tbody>';
427
  $output .= '</table>';
428
-
429
  $output .= '</form>'; // #groups-action
430
-
431
  if ( $paginate ) {
432
  require_once( GROUPS_CORE_LIB . '/class-groups-pagination.php' );
433
  $pagination = new Groups_Pagination($count, null, $row_count);
434
  $output .= '<div class="tablenav bottom">';
435
  $output .= $pagination->pagination( 'bottom' );
436
- $output .= '</div>';
437
  }
438
 
439
  $output .= '</div>'; // .groups-overview
440
  $output .= '</div>'; // .manage-groups
441
-
442
  echo $output;
443
  Groups_Help::footer();
444
  } // function groups_admin_groups()
445
- ?>
35
  * Manage Groups: table of groups and add, edit, remove actions.
36
  */
37
  function groups_admin_groups() {
38
+
39
  global $wpdb;
40
+
41
  $output = '';
42
  $today = date( 'Y-m-d', time() );
43
+
44
  if ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ) {
45
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
46
  }
64
  case 'remove' :
65
  groups_admin_groups_remove_submit();
66
  break;
67
+ // bulk actions on groups: add capabilities, remove capabilities, remove groups
68
  case 'groups-action' :
69
  if ( wp_verify_nonce( $_POST[GROUPS_ADMIN_GROUPS_ACTION_NONCE], 'admin' ) ) {
70
  $group_ids = isset( $_POST['group_ids'] ) ? $_POST['group_ids'] : null;
71
+ $bulk_action = null;
72
+ if ( isset( $_POST['bulk'] ) ) {
73
+ $bulk_action = $_POST['bulk-action'];
 
 
74
  }
75
+ if ( is_array( $group_ids ) && ( $bulk_action !== null ) ) {
 
76
  foreach ( $group_ids as $group_id ) {
77
+ switch ( $bulk_action ) {
78
+ case 'add-capability' :
79
+ $capabilities_id = isset( $_POST['capability_id'] ) ? $_POST['capability_id'] : null;
80
+ if ( $capabilities_id !== null ) {
81
+ foreach ( $capabilities_id as $capability_id ) {
82
+ Groups_Group_Capability::create( array( 'group_id' => $group_id, 'capability_id' => $capability_id ) );
83
+ }
84
+ }
85
+ break;
86
+ case 'remove-capability' :
87
+ $capabilities_id = isset( $_POST['capability_id'] ) ? $_POST['capability_id'] : null;
88
+ if ( $capabilities_id !== null ) {
89
+ foreach ( $capabilities_id as $capability_id ) {
90
+ Groups_Group_Capability::delete( $group_id, $capability_id );
91
+ }
92
+ }
93
  break;
94
+ case 'remove-group' :
95
+ $bulk_confirm = isset( $_POST['confirm'] ) ? true : false;
96
+ if ( $bulk_confirm ) {
97
+ groups_admin_groups_bulk_remove_submit();
98
+ } else {
99
+ return groups_admin_groups_bulk_remove();
100
+ }
101
  break;
102
  }
103
  }
123
  break;
124
  }
125
  }
126
+
127
  //
128
  // group table
129
  //
136
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
137
  }
138
  }
139
+
140
  // filters
141
  $group_id = Groups_Options::get_user_option( 'groups_group_id', null );
142
  $group_name = Groups_Options::get_user_option( 'groups_group_name', null );
143
+
144
  if ( isset( $_POST['clear_filters'] ) ) {
145
  Groups_Options::delete_user_option( 'groups_group_id' );
146
  Groups_Options::delete_user_option( 'groups_group_name' );
158
  Groups_Options::update_user_option( 'groups_group_id', $group_id );
159
  } else if ( isset( $_POST['group_id'] ) ) { // empty && isset => '' => all
160
  $group_id = null;
161
+ Groups_Options::delete_user_option( 'groups_group_id' );
162
  }
163
  }
164
+
165
  if ( isset( $_POST['row_count'] ) ) {
166
  if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_GROUPS_NONCE_1], 'admin' ) ) {
167
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
168
  }
169
  }
170
+
171
  if ( isset( $_POST['paged'] ) ) {
172
  if ( !wp_verify_nonce( $_POST[GROUPS_ADMIN_GROUPS_NONCE_2], 'admin' ) ) {
173
  wp_die( __( 'Access denied.', GROUPS_PLUGIN_DOMAIN ) );
174
  }
175
  }
176
+
177
  $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
178
  $current_url = remove_query_arg( 'paged', $current_url );
179
  $current_url = remove_query_arg( 'action', $current_url );
180
  $current_url = remove_query_arg( 'group_id', $current_url );
181
+
182
  $group_table = _groups_get_tablename( 'group' );
183
+
184
  $output .=
185
  '<div class="manage-groups">' .
186
  '<div>' .
188
  __( 'Groups', GROUPS_PLUGIN_DOMAIN ) .
189
  '</h2>' .
190
  '</div>';
191
+
192
  $output .=
193
  '<div class="manage">' .
194
  "<a title='" . __( 'Click to add a new group', GROUPS_PLUGIN_DOMAIN ) . "' class='add button' href='" . esc_url( $current_url ) . "&action=add'><img class='icon' alt='" . __( 'Add', GROUPS_PLUGIN_DOMAIN) . "' src='". GROUPS_PLUGIN_URL ."images/add.png'/><span class='label'>" . __( 'New Group', GROUPS_PLUGIN_DOMAIN) . "</span></a>" .
195
  '</div>';
196
 
197
  $row_count = isset( $_POST['row_count'] ) ? intval( $_POST['row_count'] ) : 0;
198
+
199
  if ($row_count <= 0) {
200
  $row_count = Groups_Options::get_user_option( 'groups_per_page', GROUPS_GROUPS_PER_PAGE );
201
  } else {
209
  if ( $paged < 0 ) {
210
  $paged = 0;
211
  }
212
+
213
  $orderby = isset( $_GET['orderby'] ) ? $_GET['orderby'] : null;
214
  switch ( $orderby ) {
215
  case 'group_id' :
218
  default:
219
  $orderby = 'name';
220
  }
221
+
222
  $order = isset( $_GET['order'] ) ? $_GET['order'] : null;
223
  switch ( $order ) {
224
  case 'asc' :
233
  $order = 'ASC';
234
  $switch_order = 'DESC';
235
  }
236
+
237
  $filters = array();
238
  $filter_params = array();
239
  if ( $group_id ) {
244
  $filters[] = " $group_table.name LIKE '%%%s%%' ";
245
  $filter_params[] = $group_name;
246
  }
247
+
248
  if ( !empty( $filters ) ) {
249
  $filters = " WHERE " . implode( " AND ", $filters );
250
  } else {
251
  $filters = '';
252
  }
253
+
254
  $count_query = $wpdb->prepare( "SELECT COUNT(*) FROM $group_table $filters", $filter_params );
255
  $count = $wpdb->get_var( $count_query );
256
  if ( $count > $row_count ) {
265
  if ( $paged != 0 ) {
266
  $offset = ( $paged - 1 ) * $row_count;
267
  }
268
+
269
  $query = $wpdb->prepare(
270
  "SELECT * FROM $group_table
271
  $filters
273
  LIMIT $row_count OFFSET $offset",
274
  $filter_params
275
  );
276
+
277
  $results = $wpdb->get_results( $query, OBJECT );
278
 
279
  $column_display_names = array(
280
  'group_id' => __( 'Id', GROUPS_PLUGIN_DOMAIN ),
281
  'name' => __( 'Group', GROUPS_PLUGIN_DOMAIN ),
282
  'description' => __( 'Description', GROUPS_PLUGIN_DOMAIN ),
283
+ 'capabilities' => __( 'Capabilities', GROUPS_PLUGIN_DOMAIN ),
284
  'edit' => __( 'Edit', GROUPS_PLUGIN_DOMAIN ),
285
  'remove' => __( 'Remove', GROUPS_PLUGIN_DOMAIN )
286
  );
287
+
288
  $output .= '<div class="groups-overview">';
289
+
290
  $output .=
291
  '<div class="filters">' .
292
  '<label class="description" for="setfilters">' . __( 'Filters', GROUPS_PLUGIN_DOMAIN ) . '</label>' .
305
  '</p>' .
306
  '</form>' .
307
  '</div>';
308
+
 
 
 
 
 
 
 
 
 
 
 
 
 
309
  if ( $paginate ) {
310
  require_once( GROUPS_CORE_LIB . '/class-groups-pagination.php' );
311
  $pagination = new Groups_Pagination( $count, null, $row_count );
318
  $output .= '</div>';
319
  $output .= '</form>';
320
  }
321
+
322
+ $output .= '<div class="page-options right">';
323
+ $output .= '<form id="setrowcount" action="" method="post">';
324
+ $output .= '<div>';
325
+ $output .= '<label for="row_count">' . __('Results per page', GROUPS_PLUGIN_DOMAIN ) . '</label>';
326
+ $output .= '<input name="row_count" type="text" size="2" value="' . esc_attr( $row_count ) .'" />';
327
+ $output .= wp_nonce_field( 'admin', GROUPS_ADMIN_GROUPS_NONCE_1, true, false );
328
+ $output .= '<input class="button" type="submit" value="' . __( 'Apply', GROUPS_PLUGIN_DOMAIN ) . '"/>';
329
+ $output .= '</div>';
330
+ $output .= '</form>';
331
+ $output .= '</div>';
332
+
333
  $capability_table = _groups_get_tablename( "capability" );
334
  $group_capability_table = _groups_get_tablename( "group_capability" );
335
+
336
  // capabilities select
 
337
  $capabilities = $wpdb->get_results( "SELECT * FROM $capability_table ORDER BY capability" );
338
+ $capabilities_select = sprintf(
339
+ '<select class="select capability" name="capability_id[]" multiple="multiple" placeholder="%s" data-placeholder="%s">',
340
+ esc_attr( __( 'Capabilities &hellip;', GROUPS_PLUGIN_DOMAIN ) ) ,
341
+ esc_attr( __( 'Capabilities &hellip;', GROUPS_PLUGIN_DOMAIN ) )
342
+ );
343
  foreach( $capabilities as $capability ) {
344
+ $capabilities_select .= sprintf( '<option value="%s">%s</option>', esc_attr( $capability->capability_id ), wp_filter_nohtml_kses( $capability->capability ) );
345
  }
346
  $capabilities_select .= '</select>';
347
+ $capabilities_select .= Groups_UIE::render_select( '.select.capability' );
348
+
349
  $output .= '<form id="groups-action" method="post" action="">';
350
+
351
  $output .= '<div class="tablenav top">';
352
+
353
+ $output .= '<div class="groups-bulk-container">';
354
+ $output .= '<div class="capabilities-select-container">';
355
  $output .= $capabilities_select;
 
 
356
  $output .= wp_nonce_field( 'admin', GROUPS_ADMIN_GROUPS_ACTION_NONCE, true, false );
357
+ $output .= '</div>';
358
+ $output .= '<select class="bulk-action" name="bulk-action">';
359
+ $output .= '<option selected="selected" value="-1">' . __( 'Bulk Actions', GROUPS_PLUGIN_DOMAIN ) . '</option>';
360
+ $output .= '<option value="remove-group">' . __( 'Remove group', GROUPS_PLUGIN_DOMAIN ) . '</option>';
361
+ $output .= '<option value="add-capability">' . __( 'Add capability', GROUPS_PLUGIN_DOMAIN ) . '</option>';
362
+ $output .= '<option value="remove-capability">' . __( 'Remove capability', GROUPS_PLUGIN_DOMAIN ) . '</option>';
363
+ $output .= '</select>';
364
+ $output .= sprintf( '<input class="button" type="submit" name="bulk" value="%s" />', __( 'Apply', GROUPS_PLUGIN_DOMAIN ) );
365
  $output .= '<input type="hidden" name="action" value="groups-action"/>';
366
+ $output .= '</div>';
367
+ $output .= '</div>';
368
+
369
+ $output .= '<table id="" class="wp-list-table widefat fixed" cellspacing="0">';
370
+ $output .= '<thead>';
371
+ $output .= '<tr>';
372
+
 
 
373
  $output .= '<th id="cb" class="manage-column column-cb check-column" scope="col"><input type="checkbox"></th>';
374
+
375
  foreach ( $column_display_names as $key => $column_display_name ) {
376
  $options = array(
377
  'orderby' => $key,
389
  }
390
  $output .= "<th scope='col' class='$class'>$column_display_name</th>";
391
  }
392
+
393
+ $output .= '</tr>';
394
+ $output .= '</thead>';
395
+ $output .= '<tbody>';
396
+
 
397
  if ( count( $results ) > 0 ) {
398
  for ( $i = 0; $i < count( $results ); $i++ ) {
399
+
400
  $result = $results[$i];
401
+
402
  $output .= '<tr class="' . ( $i % 2 == 0 ? 'even' : 'odd' ) . '">';
403
+
404
  $output .= '<th class="check-column">';
405
  $output .= '<input type="checkbox" value="' . esc_attr( $result->group_id ) . '" name="group_ids[]"/>';
406
  $output .= '</th>';
407
+
408
  $output .= "<td class='group-id'>";
409
  $output .= $result->group_id;
410
  $output .= "</td>";
411
  $output .= "<td class='group-name'>" . stripslashes( wp_filter_nohtml_kses( $result->name ) ) . "</td>";
412
  $output .= "<td class='group-description'>" . stripslashes( wp_filter_nohtml_kses( $result->description ) ) . "</td>";
413
+
414
  $output .= '<td class="capabilities">';
415
  $group_capabilities = $wpdb->get_results( $wpdb->prepare(
416
  "SELECT * FROM $capability_table WHERE capability_id IN ( SELECT capability_id FROM $group_capability_table WHERE group_id = %d )",
426
  $output .= __( 'This group has no capabilities.', GROUPS_PLUGIN_DOMAIN );
427
  }
428
  $output .= '</td>';
429
+
430
  $output .= "<td class='edit'>";
431
  $output .= "<a href='" . esc_url( add_query_arg( 'paged', $paged, $current_url ) ) . "&action=edit&group_id=" . $result->group_id . "' alt='" . __( 'Edit', GROUPS_PLUGIN_DOMAIN) . "'><img src='". GROUPS_PLUGIN_URL ."images/edit.png'/></a>";
432
  $output .= "</td>";
433
+
434
  $output .= "<td class='remove'>";
435
  if ( $result->name !== Groups_Registered::REGISTERED_GROUP_NAME ) {
436
  $output .= "<a href='" . esc_url( $current_url ) . "&action=remove&group_id=" . $result->group_id . "' alt='" . __( 'Remove', GROUPS_PLUGIN_DOMAIN) . "'><img src='". GROUPS_PLUGIN_URL ."images/remove.png'/></a>";
437
  }
438
  $output .= "</td>";
439
+
440
  $output .= '</tr>';
441
  }
442
  } else {
443
  $output .= '<tr><td colspan="7">' . __( 'There are no results.', GROUPS_PLUGIN_DOMAIN ) . '</td></tr>';
444
  }
445
+
446
  $output .= '</tbody>';
447
  $output .= '</table>';
448
+
449
  $output .= '</form>'; // #groups-action
450
+
451
  if ( $paginate ) {
452
  require_once( GROUPS_CORE_LIB . '/class-groups-pagination.php' );
453
  $pagination = new Groups_Pagination($count, null, $row_count);
454
  $output .= '<div class="tablenav bottom">';
455
  $output .= $pagination->pagination( 'bottom' );
456
+ $output .= '</div>';
457
  }
458
 
459
  $output .= '</div>'; // .groups-overview
460
  $output .= '</div>'; // .manage-groups
461
+
462
  echo $output;
463
  Groups_Help::footer();
464
  } // function groups_admin_groups()
465
+ ?>
lib/core/class-groups-help.php CHANGED
@@ -106,15 +106,9 @@ class Groups_Help {
106
  * @param boolean $render
107
  */
108
  public static function footer( $render = true ) {
109
- $footer = '<div class="groups-footer">' .
110
- // '<p>' .
111
  __( 'Thank you for using <a href="http://www.itthinx.com/plugins/groups" target="_blank">Groups</a> by <a href="http://www.itthinx.com" target="_blank">itthinx</a>.', GROUPS_PLUGIN_DOMAIN ) .
112
- ' ' .
113
- __( 'For consulting and development services related to Groups go <a href="http://www.itthinx.com/contact/" target="_blank">here</a>.', GROUPS_PLUGIN_DOMAIN ) .
114
- ' ' .
115
- __( 'You can also support the project:', GROUPS_PLUGIN_DOMAIN ) .
116
- self::donate( false ) .
117
- // '</p>' .
118
  '</div>';
119
  $footer = apply_filters( 'groups_footer', $footer );
120
  if ( $render ) {
@@ -123,31 +117,5 @@ class Groups_Help {
123
  return $footer;
124
  }
125
  }
126
-
127
- /**
128
- * Render or return a donation button.
129
- * Thanks for supporting me!
130
- * @param boolean $render
131
- * @param boolean $small
132
- */
133
- public static function donate( $render = true, $small = false ) {
134
- $donate =
135
- '<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
136
- <input type="hidden" name="cmd" value="_donations">
137
- <input type="hidden" name="business" value="paypal@itthinx.com">
138
- <input type="hidden" name="lc" value="US">
139
- <input type="hidden" name="item_name" value="Support WordPress Plugins from itthinx">
140
- <input type="hidden" name="item_number" value="WordPress Plugins">
141
- <input type="hidden" name="no_note" value="0">
142
- <input type="hidden" name="currency_code" value="EUR">
143
- <input type="hidden" name="bn" value="PP-DonationsBF:btn_donate_SM.gif:NonHostedGuest">
144
- <input type="submit" name="submit" value="Contribute" style="border:1px solid #ccc;border-radius:4px;cursor:pointer;padding:0;margin:0;color:#999;">
145
- </form>';
146
- if ( $render ) {
147
- echo $donate;
148
- } else {
149
- return $donate;
150
- }
151
- }
152
  }
153
  Groups_Help::init();
106
  * @param boolean $render
107
  */
108
  public static function footer( $render = true ) {
109
+ $footer =
110
+ '<div class="groups-footer">' .
111
  __( 'Thank you for using <a href="http://www.itthinx.com/plugins/groups" target="_blank">Groups</a> by <a href="http://www.itthinx.com" target="_blank">itthinx</a>.', GROUPS_PLUGIN_DOMAIN ) .
 
 
 
 
 
 
112
  '</div>';
113
  $footer = apply_filters( 'groups_footer', $footer );
114
  if ( $render ) {
117
  return $footer;
118
  }
119
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
120
  }
121
  Groups_Help::init();
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: http://www.itthinx.com/plugins/groups
4
  Tags: access, access control, capability, capabilities, content, download, downloads, file, file access, files, group, groups, member, members, membership, memberships, paypal, permission, permissions, subscription, subscriptions, woocommerce
5
  Requires at least: 3.3
6
  Tested up to: 3.6.1
7
- Stable tag: 1.3.14
8
  License: GPLv3
9
 
10
  Groups provides group-based user membership management, group-based capabilities and content access control.
@@ -368,6 +368,16 @@ See also [Groups](http://www.itthinx.com/plugins/groups/)
368
 
369
  == Changelog ==
370
 
 
 
 
 
 
 
 
 
 
 
371
  = 1.3.14 =
372
  * Added the option to quick-create group and capability within the access restriction meta-box.
373
  * Added the option to show groups granting access per capability in the access restriction meta-box.
@@ -517,6 +527,9 @@ Some installations wouldn't work correctly, showing no capabilities and making i
517
 
518
  == Upgrade Notice ==
519
 
 
 
 
520
  = 1.3.14 =
521
  * New useful features, UI and workflow improvements. Quick-create group and capability directly on posts (access restriction); groups are shown along with access restriction capabilities (can be toggled).
522
 
4
  Tags: access, access control, capability, capabilities, content, download, downloads, file, file access, files, group, groups, member, members, membership, memberships, paypal, permission, permissions, subscription, subscriptions, woocommerce
5
  Requires at least: 3.3
6
  Tested up to: 3.6.1
7
+ Stable tag: 1.4.0
8
  License: GPLv3
9
 
10
  Groups provides group-based user membership management, group-based capabilities and content access control.
368
 
369
  == Changelog ==
370
 
371
+ = 1.4.0 =
372
+ * Added: Groups > Groups > Add / Edit group screens, allow to assign/modify the capabilities assigned to the group.
373
+ * Added: Groups > Groups screen, allow to assign/remove multiple capabilities to multiple groups.
374
+ * Added: Groups > Groups screen, allow to delete multiple groups as a bulk action.
375
+ * Added: Groups > Capabilities screen, allow to delete multiple capabilities as a bulk action.
376
+ * Improved: Groups > Options screen, using searchable select instead of checkboxes to enable capabilities for access restriction.
377
+ * Improved: In user profiles, using a searchable select to modify group assignments.
378
+ * Improved: Reduced the footer text in groups admin sections.
379
+ * Improved: Admin CSS to make better use of screen real-estate and more coherent appearance with the new UI additions.
380
+
381
  = 1.3.14 =
382
  * Added the option to quick-create group and capability within the access restriction meta-box.
383
  * Added the option to show groups granting access per capability in the access restriction meta-box.
527
 
528
  == Upgrade Notice ==
529
 
530
+ = 1.4.0 =
531
+ * This release brings User Interface improvements mainly directed at working with groups and capabilities. This includes bulk actions for groups and capabilities and capability assignments when editing groups along with other improvements.
532
+
533
  = 1.3.14 =
534
  * New useful features, UI and workflow improvements. Quick-create group and capability directly on posts (access restriction); groups are shown along with access restriction capabilities (can be toggled).
535