wpdb = $wpdb; $this->options = get_option('usecurex_options'); }
    // NOTE(review): the listing starts mid-constructor, so the fragment above is kept verbatim.
    // Several string literals further down also look truncated (the HTML they carried
    // appears to have been stripped from this listing); they are left untouched.

    /**
     * Entry point registered as the admin page callback (see usecurex_admin_menu()).
     *
     * Dispatches on the "sub" query parameter to one of the screen builders, each of
     * which stores its markup in $this->text, then prints the result through stroke().
     *
     * NOTE(review): $_GET["sub"] is read without an isset() guard, and no
     * current_user_can() check is visible in this method. Access presumably relies
     * solely on the capability argument given to add_management_page(); confirm.
     */
    function init(){
        switch($_GET["sub"]){
            case "settings":
                $this->adminSettings();
                break;
            case "form":
                $this->groupForm();
                break;
            case "submit":
                $this->groupSubmit();
                break;
            default:
                $this->listGroups();
                break;
        }
        $this->stroke($this->text);
    }

    /**
     * Builds the settings screen and, when the form was posted, saves the settings.
     *
     * On a POST with "update" set, the nonce is verified and "default_page" is written
     * into the 'usecurex_options' option. The screen markup is stored in $this->text.
     */
    function adminSettings(){
        if ($_POST["update"]){
            // $nonce stays undefined when no _wpnonce was posted; wp_verify_nonce() then
            // receives null and fails, so the request still ends in die() below.
            if ($_POST["_wpnonce"]){
                $nonce = $_POST["_wpnonce"];
            }
            // NOTE(review): wp_verify_nonce() is called without an action, so the default
            // action (-1) is used and the token is not bound to this operation. A named
            // action, or check_admin_referer() with one, would scope the CSRF token.
            if (!wp_verify_nonce($nonce)){
                die('Security check');
            }
            // NOTE(review): the posted value is stored as-is, with no sanitising and no
            // check that it names a real page. The label below calls it the page to
            // redirect to; how it is consumed is not visible here, so validate it at
            // the point of use as well.
            $this->options["default_page"] = $_POST["default_page"];
            update_option("usecurex_options", $this->options);
            $_POST = array();
            $status = "Settings Updated";
        }
        $text = "
";
        $text .= "

USecureX Settings

";
        // $status is only assigned in the update branch above; on a plain page view it is undefined.
        $text .= "$status";
        $text .= "
";
        $text .= "
";
        $text .= "
";
        $text .= "
";
        $text .= "
baseURL . "&sub=settings\" id=\"myForm\" name=\"myForm\">";
        $text .= "";
        $text .= "";
        $text .= "";
        $text .= "";
        $text .= "";
        $text .= "";
        $text .= "
Page to redirect to upon Authorized Action:
";
        $text .= "
";
        $text .= "

";
        $text .= "

";
        $this->text = $text;
    }

    function usecurex_install(){
        /**
         * Installs the plugin: resets the 'usecurex_options' option to an empty array
         * and creates the two plugin tables (groups, and group-to-user/page links).
         *
         * NOTE(review): update_option() overwrites any stored settings each time this
         * runs, and the CREATE TABLE statements have no IF NOT EXISTS and their result
         * is not checked, so running this again on an existing install fails silently.
         *
         * @param NULL
         * @return NULL
         */
        update_option('usecurex_options', array());
        $this->wpdb->query("CREATE TABLE `" . $this->wpdb->prefix . "usecurex_group` (`usecurex_group_id` int(10) NOT NULL AUTO_INCREMENT,`usecurex_group_name` varchar(50) NOT NULL,PRIMARY KEY (`usecurex_group_id`)) ENGINE=MyISAM DEFAULT CHARSET=latin1;");
        $this->wpdb->query("CREATE TABLE `" . $this->wpdb->prefix . "usecurex_link` (`usecurex_group_id` int(10) NOT NULL, `usecurex_field_name` varchar(50) NOT NULL, `usecurex_field_id` varchar(50) NOT NULL, UNIQUE KEY `usecurex_group_id` (`usecurex_group_id`,`usecurex_field_name`,`usecurex_field_id`)) ENGINE=MyISAM DEFAULT CHARSET=latin1;");
    }

    function usecurex_uninstall(){
        /**
         * Uninstalls the plugin: drops both plugin tables and deletes the option.
         * All group and membership data is removed; the query results are not checked.
         *
         * @param NULL
         * @return NULL
         */
        $this->wpdb->query("drop table `" . $this->wpdb->prefix . "usecurex_group`");
        $this->wpdb->query("drop table `" . $this->wpdb->prefix . "usecurex_link`");
        delete_option('usecurex_options');
    }

    /**
     * Prints the admin screen: the header menu followed by the given markup.
     *
     * No escaping happens here, so whatever builds $text is responsible for
     * escaping any dynamic value it embeds.
     *
     * @param string $text the markup to wrap and print
     */
    function stroke($text){
        $body = "";
        $body .= "";
        $body .= $this->adminHeaderMenu();
        $body .= $text;
        $body .= "
 
 
";
        print($body);
    }

    /**
     * Creates the header menu (Settings / View Groups / Add New Group).
     *
     * @return string $text
     */
    function adminHeaderMenu(){
        $text = "  baseURL . "&sub=settings\">Settings";
        $text .= "  baseURL . "\">View Groups";
        $text .= "  baseURL . "&sub=form\">Add New Group";
        return $text;
    }

    function usecurex_admin_menu(){
        /**
         * The hook for the admin menu: registers the page with init() as its callback.
         *
         * NOTE(review): the third argument of add_management_page() is the required
         * capability. The numeric 10 is a legacy user level, which WordPress has
         * deprecated; a capability string such as 'manage_options' is the supported
         * form. This argument is the only access restriction visible in this file.
         *
         * @param NULL
         * @return NULL
         */
        add_management_page('USecureX', 'USecureX', 10, __FILE__, array($this, 'init'));
    }

    /**
     * Creates the group listing, with member and page counts per group, and
     * stores the markup in $this->text.
     *
     * @param string $code status message to show above the list; it is interpolated
     *                     into the output unescaped (the callers in this file pass
     *                     fixed strings)
     */
    function listGroups($code=''){
        require_once(ABSPATH . $this->pluginBase . DIRECTORY_SEPARATOR . 'suitex_list.php');
        // $text is appended to here without having been assigned in this method.
        $text .= "
";
        $text .= "

User Groups

";
        $text .= "$code";
        $text .= $this->status;
        $headers["group_name"] = "Group Name";
        $headers["members"] = "# of Members";
        $headers["pages"] = "# of Pages";
        $order = "usecurex_group_name";
        $sort = "asc";
        // NOTE(review): "limit" comes straight from the query string and is passed to
        // suitex_list::startList() unvalidated. What that class does with it is not
        // visible here; casting to a non-negative integer first would be prudent.
        if ($_GET["limit"]){
            $limit = $_GET["limit"];
        }
        else {
            $limit = 0;
        }
        // $order and $sort are the fixed values assigned above, not request input.
        $query = "select usecurex_group_id, usecurex_group_name from " . $this->wpdb->prefix . "usecurex_group order by $order $sort";
        $count=0;
        $result = $this->wpdb->get_results($query);
        foreach($result as $row){
            $count++;
            // NOTE(review): these two counts concatenate the group id into the SQL text,
            // whereas the other methods use $wpdb->prepare(). The id is read back from an
            // int column (see usecurex_install()), so the exposure is low, but prepare()
            // with %d would keep the file consistent.
            $memberCount = $this->wpdb->get_var("select count(usecurex_group_id) from " . $this->wpdb->prefix . "usecurex_link where usecurex_group_id = '" . $row->usecurex_group_id . "' and usecurex_field_name = 'user_id'");
            $pageCount = $this->wpdb->get_var("select count(usecurex_group_id) from " . $this->wpdb->prefix . "usecurex_link where usecurex_group_id = '" . $row->usecurex_group_id . "' and usecurex_field_name = 'page_id'");
            // The group name is user-supplied (see groupSubmit()); whether suitex_list
            // escapes it on output cannot be told from this file.
            $rows[$row->usecurex_group_id] = array($row->usecurex_group_name, $memberCount, $pageCount);
        }
        // $rows is never initialised, so it is undefined when no groups exist.
        $url = $this->baseURL . "&sub=form&id=";
        $list = new suitex_list();
        $list->search = false;
        $list->orderForm = false;
        $list->filters = false;
        //$list->omit = array("cb");
        //$list->paging = true;
        //$this->pluginPath = $this->pluginBase;
        $list->setNum = $this->numberPerPage;
        $list->startList($headers, $url, $order, $sort, $rows, $limit, $count);
        $text .= $list->text;
        $text .= "
";
        $this->text = $text;
    }

    /**
     * Handles the group form submission, then re-renders the group list.
     *
     * Three branches, chosen by which id is present:
     *   - POST "id" set: rename the group and replace all of its page/user links
     *   - GET "id" set:  delete the group and its links
     *   - neither:       create a new group with the posted pages and members
     *
     * NOTE(review): the only guard is the nonce check; no current_user_can() check
     * is visible. The nonce is verified without an action (default -1), so one token
     * covers create, modify and delete alike. The delete branch is a state-changing
     * GET with the nonce in the URL, where it can end up in browser history, server
     * logs and Referer headers; a POST with an action-scoped nonce avoids that.
     */
    function groupSubmit(){
        if ($_POST["_wpnonce"]){
            $nonce = $_POST["_wpnonce"];
        }
        else if ($_GET["_wpnonce"]){
            $nonce = $_GET["_wpnonce"];
        }
        // With no nonce supplied, $nonce is undefined and verification fails.
        if (!wp_verify_nonce($nonce)){
            die('Security check');
        }
        if ($_POST["id"]){
            // The queries below go through $wpdb->prepare(); %d coerces ids to integers.
            // The group name is safe for SQL here but must still be escaped wherever it
            // is later printed.
            $this->wpdb->query($this->wpdb->prepare("update " . $this->wpdb->prefix . "usecurex_group set usecurex_group_name = %s where usecurex_group_id = %d limit 1", $_POST["group_name"], $_POST["id"]));
            // Existing links are deleted and re-inserted from the posted form state.
            $this->wpdb->query($this->wpdb->prepare("delete from " . $this->wpdb->prefix . "usecurex_link where usecurex_group_id = %d", $_POST["id"]));
            foreach(array_keys($_POST) as $f){
                // NOTE(review): substr_count() matches "page_" anywhere in the field name,
                // not only as a prefix, and str_replace() removes every occurrence. The
                // remainder is coerced by %d, so a non-numeric remainder is stored as 0.
                // The id is not checked against existing pages.
                if (substr_count($f, "page_") != 0){
                    $field_id = str_replace("page_", '', $f);
                    $this->wpdb->query($this->wpdb->prepare("insert into " . $this->wpdb->prefix . "usecurex_link (usecurex_group_id, usecurex_field_name, usecurex_field_id) values (%d, %s, %d)", $_POST["id"], "page_id", $field_id));
                }
            }
            // NOTE(review): explode() on an empty "members" value yields one empty string,
            // which %d turns into 0, so a link row for user id 0 is inserted. Member ids
            // are not checked against existing users.
            $members = explode(",", $_POST["members"]);
            foreach($members as $m){
                $this->wpdb->query($this->wpdb->prepare("insert into " . $this->wpdb->prefix . "usecurex_link (usecurex_group_id, usecurex_field_name, usecurex_field_id) values (%d, %s, %d)", $_POST["id"], "user_id", $m));
            }
            $_POST = array();
            $this->listGroups("Group Modified");
        }
        else if ($_GET["id"]){
            // Delete branch: reached with a plain GET carrying id and _wpnonce.
            $this->wpdb->query($this->wpdb->prepare("delete from " . $this->wpdb->prefix . "usecurex_group where usecurex_group_id = %d", $_GET["id"]));
            $this->wpdb->query($this->wpdb->prepare("delete from " . $this->wpdb->prefix . "usecurex_link where usecurex_group_id = %d", $_GET["id"]));
            $this->listGroups("Group Deleted");
        }
        else {
            // Create branch: same page/member handling as the modify branch, keyed on
            // the auto-increment id of the row just inserted.
            $this->wpdb->query($this->wpdb->prepare("insert into " . $this->wpdb->prefix . "usecurex_group (usecurex_group_name) values (%s)", $_POST["group_name"]));
            $group_id = $this->wpdb->insert_id;
            foreach(array_keys($_POST) as $f){
                if (substr_count($f, "page_") != 0){
                    $field_id = str_replace("page_", '', $f);
                    $this->wpdb->query($this->wpdb->prepare("insert into " . $this->wpdb->prefix . "usecurex_link (usecurex_group_id, usecurex_field_name, usecurex_field_id) values (%d, %s, %d)", $group_id, "page_id", $field_id));
                }
            }
            $members = explode(",", $_POST["members"]);
            foreach($members as $m){
                $this->wpdb->query($this->wpdb->prepare("insert into " . $this->wpdb->prefix . "usecurex_link (usecurex_group_id, usecurex_field_name, usecurex_field_id) values (%d, %s, %d)", $group_id, "user_id", $m));
            }
            $_POST = array();
            $this->listGroups("Group Added");
        }
    }

    /**
     * Builds the add/modify group form and stores the markup in $this->text.
     *
     * With GET "id" set, the group's name, its members and its linked pages are
     * loaded and users are split into non-members ($users) and members ($members);
     * otherwise every user goes into $users and the form is an empty "Add Group" form.
     *
     * NOTE(review): values read from the database and the request are concatenated
     * into the markup without escaping (see the notes below). WordPress provides
     * esc_html(), esc_attr() and esc_url() for these contexts.
     */
    function groupForm(){
        $pageArray = array();
        $users = array();
        $members = array();
        if ($_GET["id"]){
            $groupName = $this->wpdb->get_var($this->wpdb->prepare("select usecurex_group_name from " . $this->wpdb->prefix . "usecurex_group where usecurex_group_id = %d limit 1", $_GET["id"]));
            // NOTE(review): the users table name is built from the site prefix. WordPress
            // exposes it as $wpdb->users (and the posts table as $wpdb->posts), which
            // also holds where the users table does not use the site prefix; confirm.
            $query = "select ID, user_login from " . $this->wpdb->prefix . "users order by user_login";
            $results = $this->wpdb->get_results($query);
            foreach($results as $row){
                // One membership lookup per user.
                $check = $this->wpdb->get_var($this->wpdb->prepare("select count(usecurex_group_id) from " . $this->wpdb->prefix . "usecurex_link where usecurex_group_id = %d and usecurex_field_name = 'user_id' and usecurex_field_id = %d limit 1", $_GET["id"], $row->ID));
                if ($check == 0){
                    $users[$row->ID] = $row->user_login;
                }
                else {
                    $members[$row->ID] = $row->user_login;
                }
            }
            $results = $this->wpdb->get_results($this->wpdb->prepare("select usecurex_field_id from " . $this->wpdb->prefix . "usecurex_link where usecurex_group_id = %d and usecurex_field_name = 'page_id'", $_GET["id"]));
            foreach($results as $row){
                $pageArray[] = $row->usecurex_field_id;
            }
            $label = "Modify Group";
        }
        else {
            $query = "select ID, user_login from " . $this->wpdb->prefix . "users order by user_login";
            $results = $this->wpdb->get_results($query);
            foreach($results as $row){
                $users[$row->ID] = $row->user_login;
            }
            $label = "Add Group";
        }
        $text = "
";
        $text .= "

$label

";
        $text .= "";
        $text .= "
";
        $text .= "
";
        $text .= "
";
        $text .= "
";
        $text .= "baseURL . "&sub=submit\" id=\"myForm\" name=\"myForm\">";
        $text .= "";
        if ($_GET["id"]){
            $text .= "";
        }
        $text .= "";
        $text .= "";
        $text .= "";
        $text .= "";
        $text .= "
Group Name:";
        $text .= "
";
        $text .= "
";
        $text .= "
";
        $text .= "

";
        $text .= "
";
        $text .= "";
        $query = "select ID, post_title, guid from " . $this->wpdb->prefix . "posts where post_type = 'page' order by post_title";
        $row = $this->wpdb->get_results($query);
        // $x counts cells 1..5 and is reset after the fifth; the literals emitted at
        // 1 and 5 are empty in this listing (presumably row markup; confirm).
        $x=1;
        foreach($row as $r){
            if ($x == 1){
                $text .= "";
            }
            // Pre-check the box for pages already linked to this group.
            if (in_array($r->ID, $pageArray)){
                $c = "checked";
            }
            else {
                $c = '';
            }
            $text .= "";
            if ($x == 5){
                $text .= "";
                $x=1;
            }
            else {
                $x++;
            }
        }
        $text .= "
";
        // NOTE(review): in this listing the next two statements sit after the loop although
        // they use the loop variable $r; the extraction seems to have displaced them, so
        // confirm against the original file. $r->guid and $r->post_title are concatenated
        // into the markup unescaped, and page titles are author-controlled content:
        // esc_url() and esc_html() belong here.
        $text .= "ID . "\" value=\"1\" $c /> ";
        $text .= "guid . "\" target=\"_blank\">" . $r->post_title . "";
        $text .= "
";
        $text .= "
";
        $text .= "
";
        $text .= "

";
        $text .= "
";
        $text .= "";
        $text .= "";
        $text .= "";
        $text .= "
";
        $text .= "User List:
";
        $text .= "
Member List:
";
        $text .= "";
        $text .= "";
        $text .= "
";
        $text .= "
";
        $text .= "

";
        // NOTE(review): $_GET["id"] is concatenated into the page output below with no
        // integer cast and no escaping, so a crafted id value is reflected into the
        // admin page (cross-site scripting risk). absint() on the id, plus esc_attr() or
        // esc_url() for the context, would close this. The nonce is created without an
        // action and placed in a URL; see the notes on groupSubmit().
        if ($_GET["id"]){
            $text .= " baseURL . "&sub=submit&id=" . $_GET["id"] . "&_wpnonce=" . wp_create_nonce() . "');\" />";
        }
        $text .= "

";
        $text .= "
";
        $this->text = $text;
    }
} ?>