WordPress Access Control

Version Description

December 18, 2013 =
Fixed faulty code which cause menu items to show up when they shouldn't

Release Info

Developer	brandon.wamboldt
Plugin	WordPress Access Control
Version	4.0.7
Comparing to
See all releases

Code changes from version 4.0.6 to 4.0.7

Files changed (3) hide show

lib/Walker.php +48 -5
readme.txt +5 -1
wordpress-access-control.php +1 -1

lib/Walker.php CHANGED Viewed

@@ -62,13 +62,21 @@ class WpacSecureWalker extends Walker_Nav_Menu
                */
               public function display_element($element, &$children_elements, $max_depth, $depth, $args, &$output)
+              {
-            -
                if (WordPressAccessControl::check_conditions($element->object_id) || get_option('wpac_show_in_menus', 'with_access') == 'always') {
-            -
                  // Make sure the page isn't an orphan (e.g. this is a page walker and the
-            -
                  // element was a child of a members only page that got removed, so we
-            -
                  // shouldn't show it)
-            -
                  if (in_array($element->{$this->db_fields['parent']}, $this->track_ids) || $element->{$this->db_fields['parent']} == 0) {
                     $this->track_ids[] = $element->{$this->db_fields['id']};
                     $this->original_walker->display_element($element, $children_elements, $max_depth, $depth, $args, $output);
+                  }
                 } else {
                   $this->truncate_children($element->{$this->db_fields['id']}, $children_elements);
@@ -120,6 +128,41 @@ class WpacSecureWalker extends Walker_Nav_Menu
                 return isset($this->original_walker->{$var});
+              }
               /**
                * Recursively remote children of a menu item that has been removed.
+               *


62	*/
63	public function display_element($element, &$children_elements, $max_depth, $depth, $args, &$output)
64	{
65	+ // If it's a nav menu item, check permissions against the post/page that the
66	+ // nav menu item points to, otherwise check the element itself.
67	+ if (isset($element->post_type) && $element->post_type == 'nav_menu_item') {
68	+ $object_id = $element->object_id;
69	+ } else {
70	+ $object_id = $element->{$this->db_fields['id']};
71	+ }
72	+
73	+ if (WordPressAccessControl::check_conditions($object_id) \|\| get_option('wpac_show_in_menus', 'with_access') == 'always') {
74	+ if (in_array($child->{$this->db_fields['parent']}, $this->track_ids) \|\| $element->{$this->db_fields['parent']} == 0) {
75	$this->track_ids[] = $element->{$this->db_fields['id']};
76	+ $this->filter_children($element->{$this->db_fields['id']}, $children_elements);
77	$this->original_walker->display_element($element, $children_elements, $max_depth, $depth, $args, $output);
78	+ } else {
79	+ $this->truncate_children($element->{$this->db_fields['id']}, $children_elements);
80	}
81	} else {
82	$this->truncate_children($element->{$this->db_fields['id']}, $children_elements);

128	return isset($this->original_walker->{$var});
129	}
130
131	+ /**
132	+ * Recursively removes any child nav menu item that the user doesn't have the
133	+ * correct permission to view.
134	+ */
135	+ protected function filter_children($id, &$children_elements)
136	+ {
137	+ if (isset($children_elements[$id])) {
138	+ foreach ($children_elements[$id] as $index => $element) {
139	+ // If it's a nav menu item, check permissions against the post/page that the
140	+ // nav menu item points to, otherwise check the element itself.
141	+ if (isset($element->post_type) && $element->post_type == 'nav_menu_item') {
142	+ $object_id = $element->object_id;
143	+ } else {
144	+ $object_id = $element->{$this->db_fields['id']};
145	+ }
146	+
147	+ // Make sure the page isn't an orphan (e.g. this is a page walker and the
148	+ // element was a child of a members only page that got removed, so we
149	+ // shouldn't show it)
150	+ if (WordPressAccessControl::check_conditions($object_id) \|\| get_option('wpac_show_in_menus', 'with_access') == 'always') {
151	+ if (in_array($element->{$this->db_fields['parent']}, $this->track_ids) \|\| $element->{$this->db_fields['parent']} == 0) {
152	+ $this->track_ids[] = $element->{$this->db_fields['id']};
153	+ $this->remove_protected_children($element->{$this->db_fields['id']}, $children_elements);
154	+ } else {
155	+ $this->truncate_children($element->{$this->db_fields['id']}, $children_elements);
156	+ unset($children_elements[$id][$index]);
157	+ }
158	+ } else {
159	+ $this->truncate_children($element->{$this->db_fields['id']}, $children_elements);
160	+ unset($children_elements[$id][$index]);
161	+ }
162	+ }
163	+ }
164	+ }
165	+
166	/**
167	* Recursively remote children of a menu item that has been removed.
168	*

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_i
4	Tags: members, only, plugin, restricted, access, menus, 3.3, wp_nav_menu, nonmembers
5	Requires at least: 3.0
6	Tested up to: 3.8
7	- Stable tag: 4.0.6
8
9	Restrict pages, posts, custom post types, menus and widgets to members, nonmembers or specific roles and still add to navigation
10
	@@ -64,6 +64,10 @@ Yes, this is a new feature in 3.1.3. Use the syntax [members role="administrator
64
65	== Changelog ==
66




67	= 4.0.6 - December 18, 2013 =
68
69	* Fixed a bug with multi-level menus when using page inheritance instead of nav menus


4	Tags: members, only, plugin, restricted, access, menus, 3.3, wp_nav_menu, nonmembers
5	Requires at least: 3.0
6	Tested up to: 3.8
7	+ Stable tag: 4.0.7
8
9	Restrict pages, posts, custom post types, menus and widgets to members, nonmembers or specific roles and still add to navigation
10

64
65	== Changelog ==
66
67	+ = 4.0.7 - December 18, 2013 =
68	+
69	+ * Fixed faulty code which cause menu items to show up when they shouldn't
70	+
71	= 4.0.6 - December 18, 2013 =
72
73	* Fixed a bug with multi-level menus when using page inheritance instead of nav menus

wordpress-access-control.php CHANGED Viewed

	@@ -4,7 +4,7 @@
4	* Plugin URI: http://brandonwamboldt.ca/plugins/members-only-menu-plugin/
5	* Author: Brandon Wamboldt
6	* Author URI: http://brandonwamboldt.ca/
7	- * Version: 4.0.6
8	* Description: This plugin is a powerful tool which gives you fine grained control over your pages and posts (and custom post types), allowing you to restrict a page, post, or custom post type to members, non-members, or even specific roles. You can customize how these pages and posts show up in search results, where users are directed when they visit them, and much more. <strong>You can even make your entire blog members only!</strong>.
9	*/
10


4	* Plugin URI: http://brandonwamboldt.ca/plugins/members-only-menu-plugin/
5	* Author: Brandon Wamboldt
6	* Author URI: http://brandonwamboldt.ca/
7	+ * Version: 4.0.7
8	* Description: This plugin is a powerful tool which gives you fine grained control over your pages and posts (and custom post types), allowing you to restrict a page, post, or custom post type to members, non-members, or even specific roles. You can customize how these pages and posts show up in search results, where users are directed when they visit them, and much more. <strong>You can even make your entire blog members only!</strong>.
9	*/
10

WordPress Access Control - Version 4.0.7

Version Description

Release Info

Code changes from version 4.0.6 to 4.0.7