diff --git a/common/php/class-module.php b/common/php/class-module.php index 619ee3274..d9a3e2628 100644 --- a/common/php/class-module.php +++ b/common/php/class-module.php @@ -76,12 +76,20 @@ protected function is_analytics_enabled() { * Check if the site is a WPVIP site. * * @since 0.10.0 + * + * @param bool $only_production Whether to only allow production sites to be considered WPVIP sites * @return true, if it is a WPVIP site, false otherwise */ - protected function is_vip_site() { - return defined( 'WPCOM_IS_VIP_ENV' ) && constant( 'WPCOM_IS_VIP_ENV' ) === true - && defined( 'WPCOM_SANDBOXED' ) && constant( 'WPCOM_SANDBOXED' ) === false - && defined( 'FILES_CLIENT_SITE_ID' ); + protected function is_vip_site( $only_production = false ) { + $is_vip_site = defined( 'VIP_GO_ENV' ) + && defined( 'WPCOM_SANDBOXED' ) && constant( 'WPCOM_SANDBOXED' ) === false + && defined( 'FILES_CLIENT_SITE_ID' ); + + if ( $only_production ) { + $is_vip_site = $is_vip_site && defined( 'VIP_GO_ENV' ) && 'production' === constant( 'VIP_GO_ENV' ); + } + + return $is_vip_site; } /** diff --git a/composer.json b/composer.json index d1e881a23..8b35f6ffc 100644 --- a/composer.json +++ b/composer.json @@ -21,10 +21,10 @@ }, "scripts": { "cs": [ - "@php ./vendor/bin/phpcs -p -s -v -n . --standard=\"WordPress-VIP-Go\" --extensions=php --ignore=\"/vendor/*,/node_modules/*,/tests/*\"" + "@php ./vendor/bin/phpcs -p -s -v -n . --standard=\"phpcs.xml.dist\" --extensions=php --ignore=\"/vendor/*,/node_modules/*,/tests/*,/common/*\"" ], "cbf": [ - "@php ./vendor/bin/phpcbf -p -s -v -n . --standard=\"WordPress-VIP-Go\" --extensions=php --ignore=\"/vendor/*,/node_modules/*,/tests/*\"" + "@php ./vendor/bin/phpcbf -p -s -v -n . --standard=\"phpcs.xml.dist\" --extensions=php --ignore=\"/vendor/*,/node_modules/*,/tests/*,/common/*\"" ], "integration": "wp-env run tests-cli --env-cwd=wp-content/plugins/Edit-Flow ./vendor/bin/phpunit", "integration-ms": "wp-env run tests-cli --env-cwd=wp-content/plugins/Edit-Flow /bin/bash -c 'WP_MULTISITE=1 ./vendor/bin/phpunit'" diff --git a/edit-flow.php b/edit-flow.php index fdbe94eaf..ea5be28e7 100644 --- a/edit-flow.php +++ b/edit-flow.php @@ -8,4 +8,4 @@ * * Since this is not the primary plugin file, it does not have the standard WordPress headers. */ -require_once dirname( __FILE__ ) . '/edit_flow.php'; +require_once __DIR__ . '/edit_flow.php'; diff --git a/edit_flow.php b/edit_flow.php index 9aca4fb5c..eee291468 100644 --- a/edit_flow.php +++ b/edit_flow.php @@ -189,9 +189,9 @@ private function setup_actions() { * Inititalizes the Edit Flows! * Loads options for each registered module and then initializes it if it's active */ - function action_init() { + public function action_init() { - load_plugin_textdomain( 'edit-flow', null, dirname( plugin_basename( __FILE__ ) ) . '/languages/' ); + load_plugin_textdomain( 'edit-flow', false, dirname( plugin_basename( __FILE__ ) ) . '/languages/' ); $this->load_modules(); @@ -218,7 +218,7 @@ function action_init() { /** * Initialize the plugin for the admin */ - function action_admin_init() { + public function action_admin_init() { // Upgrade if need be but don't run the upgrade if the plugin has never been used $previous_version = get_option( $this->options_group . 'version' ); @@ -315,7 +315,7 @@ public function register_module( $name, $args = array() ) { * Load all of the module options from the database * If a given option isn't yet set, then set it to the module's default (upgrades, etc.) */ - function load_module_options() { + public function load_module_options() { foreach ( $this->modules as $mod_name => $mod_data ) { @@ -343,7 +343,7 @@ function load_module_options() { * * @see http://dev.editflow.org/2011/11/17/edit-flow-v0-7-alpha2-notes/#comment-232 */ - function action_init_after() { + public function action_init_after() { foreach ( $this->modules as $mod_name => $mod_data ) { if ( isset( $this->modules->$mod_name->options->post_types ) ) { @@ -360,7 +360,7 @@ function action_init_after() { * @param string $key The property to use for searching a module (ex: 'name') * @param string|int|array $value The value to compare (using ==) */ - function get_module_by( $key, $value ) { + public function get_module_by( $key, $value ) { $module = false; foreach ( $this->modules as $mod_name => $mod_data ) { @@ -380,13 +380,13 @@ function get_module_by( $key, $value ) { /** * Update the $edit_flow object with new value and save to the database */ - function update_module_option( $mod_name, $key, $value ) { + public function update_module_option( $mod_name, $key, $value ) { $this->modules->$mod_name->options->$key = $value; $this->$mod_name->module = $this->modules->$mod_name; return update_option( $this->options_group . $mod_name . '_options', $this->modules->$mod_name->options ); } - function update_all_module_options( $mod_name, $new_options ) { + public function update_all_module_options( $mod_name, $new_options ) { if ( is_array( $new_options ) ) { $new_options = (object) $new_options; } @@ -398,7 +398,7 @@ function update_all_module_options( $mod_name, $new_options ) { /** * Registers commonly used scripts + styles for easy enqueueing */ - function register_scripts_and_styles() { + public function register_scripts_and_styles() { wp_enqueue_style( 'ef-admin-css', EDIT_FLOW_URL . 'common/css/edit-flow-admin.css', false, EDIT_FLOW_VERSION, 'all' ); wp_register_script( 'jquery-listfilterizer', EDIT_FLOW_URL . 'common/js/jquery.listfilterizer.js', array( 'jquery' ), EDIT_FLOW_VERSION, true ); @@ -416,6 +416,7 @@ function register_scripts_and_styles() { } } +// phpcs:disable WordPress.NamingConventions.ValidFunctionName.FunctionNameInvalid function EditFlow() { return edit_flow::instance(); } diff --git a/modules/calendar/calendar.php b/modules/calendar/calendar.php index 2d20b0165..44a84d35e 100644 --- a/modules/calendar/calendar.php +++ b/modules/calendar/calendar.php @@ -5,628 +5,636 @@ * * @author danielbachhuber */ -if ( !class_exists('EF_Calendar') ) { - -class EF_Calendar extends EF_Module { - - const usermeta_key_prefix = 'ef_calendar_'; - const screen_id = 'dashboard_page_calendar'; - - var $module; - - var $start_date = ''; - var $current_week = 1; - var $total_weeks = 6; // default number of weeks to show per screen - var $hidden = 0; // counter of hidden posts per date square - var $max_visible_posts_per_date = 4; // total number of posts to be shown per square before 'more' link - - private $post_date_cache = array(); - private static $post_li_html_cache_key = 'ef_calendar_post_li_html'; - private int $max_weeks; - private string $create_post_cap; - - /** - * Calendar published statuses are the same as other - * components but without the future - */ - public $published_statuses = array( - 'publish', - 'private', - ); - - /** - * Construct the EF_Calendar class - */ - function __construct() { - $this->max_weeks = 12; - - $this->module_url = $this->get_module_url( __FILE__ ); - // Register the module with Edit Flow - $args = array( - 'title' => __( 'Calendar', 'edit-flow' ), - 'short_description' => sprintf( __( 'View upcoming content in a customizable calendar.', 'edit-flow' ), admin_url( 'index.php?page=calendar' ) ), - 'extended_description' => __( 'Edit Flow’s calendar lets you see your posts over a customizable date range. Filter by status or click on the post title to see its details. Drag and drop posts between days to change their publication date.', 'edit-flow' ), - 'module_url' => $this->module_url, - 'img_url' => $this->module_url . 'lib/calendar_s128.png', - 'slug' => 'calendar', - 'post_type_support' => 'ef_calendar', - 'default_options' => array( - 'enabled' => 'on', - 'post_types' => array( - 'post' => 'on', - 'page' => 'off', - ), - 'quick_create_post_type' => 'post', - 'ics_subscription' => 'off', - 'ics_secret_key' => '', - ), - 'messages' => array( - 'post-date-updated' => __( "Post date updated.", 'edit-flow' ), - 'update-error' => __( 'There was an error updating the post. Please try again.', 'edit-flow' ), - 'published-post-ajax' => __( "Updating the post date dynamically doesn't work for published content. Please edit the post.", 'edit-flow' ), - 'key-regenerated' => __( 'iCal secret key regenerated. Please inform all users they will need to resubscribe.', 'edit-flow' ), - ), - 'configure_page_cb' => 'print_configure_view', - 'configure_link_text' => __( 'Calendar Options', 'edit-flow' ), - 'settings_help_tab' => array( - 'id' => 'ef-calendar-overview', - 'title' => __('Overview', 'edit-flow'), - 'content' => __('

The calendar is a convenient week-by-week or month-by-month view into your content. Quickly see which stories are on track to being published on time, and which will need extra effort.

', 'edit-flow'), - ), - 'settings_help_sidebar' => __( '

For more information:

Calendar Documentation

Edit Flow Forum

Edit Flow on Github

', 'edit-flow' ), - ); - $this->module = EditFlow()->register_module( 'calendar', $args ); - - } - - /** - * Initialize all of our methods and such. Only runs if the module is active - * - * @uses add_action() - */ - function init() { - - // .ics calendar subscriptions - add_action( 'wp_ajax_ef_calendar_ics_subscription', array( $this, 'handle_ics_subscription' ) ); - add_action( 'wp_ajax_nopriv_ef_calendar_ics_subscription', array( $this, 'handle_ics_subscription' ) ); - - // Check whether the user should have the ability to view the calendar - $view_calendar_cap = 'ef_view_calendar'; - $view_calendar_cap = apply_filters( 'ef_view_calendar_cap', $view_calendar_cap ); - if ( !current_user_can( $view_calendar_cap ) ) return false; - - // Define the create-post capability - $this->create_post_cap = apply_filters( 'ef_calendar_create_post_cap', 'edit_posts' ); - - add_action( 'admin_init', array( $this, 'add_screen_options_panel' ) ); - add_action( 'admin_init', array( $this, 'handle_save_screen_options' ) ); - - add_action( 'admin_init', array( $this, 'register_settings' ) ); - add_action( 'admin_menu', array( $this, 'action_admin_menu' ) ); - add_action( 'admin_print_styles', array( $this, 'add_admin_styles' ) ); - add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_admin_scripts' ) ); - - // Ajax manipulation for the calendar - add_action( 'wp_ajax_ef_calendar_drag_and_drop', array( $this, 'handle_ajax_drag_and_drop' ) ); - - // Ajax insert post placeholder for a specific date - add_action( 'wp_ajax_ef_insert_post', array( $this, 'handle_ajax_insert_post' ) ); - - //Update metadata - add_action( 'wp_ajax_ef_calendar_update_metadata', array( $this, 'handle_ajax_update_metadata' ) ); - - // Clear li cache for a post when post cache is cleared - add_action( 'clean_post_cache', array( $this, 'action_clean_li_html_cache' ) ); - - // Action to regenerate the calendar feed sekret - add_action( 'admin_init', array( $this, 'handle_regenerate_calendar_feed_secret' ) ); - - // Hacks to fix deficiencies in core - add_action( 'pre_post_update', array( $this, 'fix_post_date_on_update_part_one' ), 10, 2 ); - add_action( 'post_updated', array( $this, 'fix_post_date_on_update_part_two' ), 10, 3 ); - } - - /** - * Load the capabilities onto users the first time the module is run - * - * @since 0.7 - */ - function install() { - - // Add necessary capabilities to allow management of calendar - // view_calendar - administrator --> contributor - $calendar_roles = array( - 'administrator' => array('ef_view_calendar'), - 'editor' => array('ef_view_calendar'), - 'author' => array('ef_view_calendar'), - 'contributor' => array('ef_view_calendar') +if ( ! class_exists( 'EF_Calendar' ) ) { + + class EF_Calendar extends EF_Module { + + // phpcs:ignore Generic.NamingConventions.UpperCaseConstantName.ClassConstantNotUpperCase + const usermeta_key_prefix = 'ef_calendar_'; + // phpcs:ignore Generic.NamingConventions.UpperCaseConstantName.ClassConstantNotUpperCase + const screen_id = 'dashboard_page_calendar'; + + public $module; + + public $start_date = ''; + public $current_week = 1; + public $total_weeks = 6; // default number of weeks to show per screen + public $hidden = 0; // counter of hidden posts per date square + public $max_visible_posts_per_date = 4; // total number of posts to be shown per square before 'more' link + + private $post_date_cache = array(); + private static $post_li_html_cache_key = 'ef_calendar_post_li_html'; + private int $max_weeks; + private string $create_post_cap; + + /** + * Calendar published statuses are the same as other + * components but without the future + */ + public $published_statuses = array( + 'publish', + 'private', ); - foreach ( $calendar_roles as $role => $caps ) { - $this->add_caps_to_role( $role, $caps ); - } - } - - /** - * Upgrade our data in case we need to - * - * @since 0.7 - */ - function upgrade( $previous_version ) { - global $edit_flow; - - // Upgrade path to v0.7 - if ( version_compare( $previous_version, '0.7' , '<' ) ) { - // Migrate whether the calendar was enabled or not and clean up old option - if ( $enabled = get_option( 'edit_flow_calendar_enabled' ) ) - $enabled = 'on'; - else - $enabled = 'off'; - $edit_flow->update_module_option( $this->module->name, 'enabled', $enabled ); - delete_option( 'edit_flow_calendar_enabled' ); - - // Technically we've run this code before so we don't want to auto-install new data - $edit_flow->update_module_option( $this->module->name, 'loaded_once', true ); + /** + * Construct the EF_Calendar class + */ + public function __construct() { + $this->max_weeks = 12; + + $this->module_url = $this->get_module_url( __FILE__ ); + // Register the module with Edit Flow + $args = array( + 'title' => __( 'Calendar', 'edit-flow' ), + /* translators: %s: URL to the calendar page */ + 'short_description' => sprintf( __( 'View upcoming content in a customizable calendar.', 'edit-flow' ), admin_url( 'index.php?page=calendar' ) ), + 'extended_description' => __( 'Edit Flow’s calendar lets you see your posts over a customizable date range. Filter by status or click on the post title to see its details. Drag and drop posts between days to change their publication date.', 'edit-flow' ), + 'module_url' => $this->module_url, + 'img_url' => $this->module_url . 'lib/calendar_s128.png', + 'slug' => 'calendar', + 'post_type_support' => 'ef_calendar', + 'default_options' => array( + 'enabled' => 'on', + 'post_types' => array( + 'post' => 'on', + 'page' => 'off', + ), + 'quick_create_post_type' => 'post', + 'ics_subscription' => 'off', + 'ics_secret_key' => '', + ), + 'messages' => array( + 'post-date-updated' => __( 'Post date updated.', 'edit-flow' ), + 'update-error' => __( 'There was an error updating the post. Please try again.', 'edit-flow' ), + /* translators: %s: URL to the published post */ + 'published-post-ajax' => __( "Updating the post date dynamically doesn't work for published content. Please edit the post.", 'edit-flow' ), + 'key-regenerated' => __( 'iCal secret key regenerated. Please inform all users they will need to resubscribe.', 'edit-flow' ), + ), + 'configure_page_cb' => 'print_configure_view', + 'configure_link_text' => __( 'Calendar Options', 'edit-flow' ), + 'settings_help_tab' => array( + 'id' => 'ef-calendar-overview', + 'title' => __( 'Overview', 'edit-flow' ), + 'content' => __( '

The calendar is a convenient week-by-week or month-by-month view into your content. Quickly see which stories are on track to being published on time, and which will need extra effort.

', 'edit-flow' ), + ), + 'settings_help_sidebar' => __( '

For more information:

Calendar Documentation

Edit Flow Forum

Edit Flow on Github

', 'edit-flow' ), + ); + $this->module = EditFlow()->register_module( 'calendar', $args ); } - } - - /** - * Add the calendar link underneath the "Dashboard" - * - * @uses add_submenu_page - */ - function action_admin_menu() { - add_submenu_page('index.php', __('Calendar', 'edit-flow'), __('Calendar', 'edit-flow'), apply_filters( 'ef_view_calendar_cap', 'ef_view_calendar' ), $this->module->slug, array( $this, 'view_calendar' ) ); - } - - /** - * Add any necessary CSS to the WordPress admin - * - * @uses wp_enqueue_style() - */ - function add_admin_styles() { - global $pagenow; - // Only load calendar styles on the calendar page - if ( 'index.php' === $pagenow && isset( $_GET['page'] ) && 'calendar' === $_GET['page'] ) { - wp_enqueue_style( 'edit-flow-calendar-css', $this->module_url . 'lib/calendar.css', false, EDIT_FLOW_VERSION ); - wp_enqueue_style( 'edit-flow-calendar-react-css', $this->module_url . 'lib/dist/calendar.react.style.build.css', array( 'wp-components' ), EDIT_FLOW_VERSION ); + /** + * Initialize all of our methods and such. Only runs if the module is active + * + * @uses add_action() + */ + public function init() { + + // .ics calendar subscriptions + add_action( 'wp_ajax_ef_calendar_ics_subscription', array( $this, 'handle_ics_subscription' ) ); + add_action( 'wp_ajax_nopriv_ef_calendar_ics_subscription', array( $this, 'handle_ics_subscription' ) ); + + // Check whether the user should have the ability to view the calendar + $view_calendar_cap = 'ef_view_calendar'; + $view_calendar_cap = apply_filters( 'ef_view_calendar_cap', $view_calendar_cap ); + if ( ! current_user_can( $view_calendar_cap ) ) { + return false; + } + + // Define the create-post capability + $this->create_post_cap = apply_filters( 'ef_calendar_create_post_cap', 'edit_posts' ); + + add_action( 'admin_init', array( $this, 'add_screen_options_panel' ) ); + add_action( 'admin_init', array( $this, 'handle_save_screen_options' ) ); + + add_action( 'admin_init', array( $this, 'register_settings' ) ); + add_action( 'admin_menu', array( $this, 'action_admin_menu' ) ); + add_action( 'admin_print_styles', array( $this, 'add_admin_styles' ) ); + add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_admin_scripts' ) ); + + // Ajax manipulation for the calendar + add_action( 'wp_ajax_ef_calendar_drag_and_drop', array( $this, 'handle_ajax_drag_and_drop' ) ); + + // Ajax insert post placeholder for a specific date + add_action( 'wp_ajax_ef_insert_post', array( $this, 'handle_ajax_insert_post' ) ); + + //Update metadata + add_action( 'wp_ajax_ef_calendar_update_metadata', array( $this, 'handle_ajax_update_metadata' ) ); + + // Clear li cache for a post when post cache is cleared + add_action( 'clean_post_cache', array( $this, 'action_clean_li_html_cache' ) ); + + // Action to regenerate the calendar feed sekret + add_action( 'admin_init', array( $this, 'handle_regenerate_calendar_feed_secret' ) ); + + // Hacks to fix deficiencies in core + add_action( 'pre_post_update', array( $this, 'fix_post_date_on_update_part_one' ), 10, 2 ); + add_action( 'post_updated', array( $this, 'fix_post_date_on_update_part_two' ), 10, 3 ); } - } - - /** - * Add any necessary JS to the WordPress admin - * - * @since 0.7 - * @uses wp_enqueue_script() - */ - function enqueue_admin_scripts() { - global $pagenow; - - if ( 'index.php' === $pagenow && isset( $_GET['page'] ) && 'calendar' === $_GET['page'] ) { - $this->enqueue_datepicker_resources(); - - $js_libraries = array( - 'jquery', - 'jquery-ui-core', - 'jquery-ui-sortable', - 'jquery-ui-draggable', - 'jquery-ui-droppable', - 'wp-data' + + /** + * Load the capabilities onto users the first time the module is run + * + * @since 0.7 + */ + public function install() { + + // Add necessary capabilities to allow management of calendar + // view_calendar - administrator --> contributor + $calendar_roles = array( + 'administrator' => array( 'ef_view_calendar' ), + 'editor' => array( 'ef_view_calendar' ), + 'author' => array( 'ef_view_calendar' ), + 'contributor' => array( 'ef_view_calendar' ), ); - foreach( $js_libraries as $js_library ) { - wp_enqueue_script( $js_library ); + + foreach ( $calendar_roles as $role => $caps ) { + $this->add_caps_to_role( $role, $caps ); } - wp_enqueue_script( 'edit-flow-calendar-js', $this->module_url . 'lib/calendar.js', $js_libraries, EDIT_FLOW_VERSION, true ); + } - $ef_cal_js_params = array( 'can_add_posts' => current_user_can( $this->create_post_cap ) ? 'true' : 'false' ); - wp_localize_script( 'edit-flow-calendar-js', 'ef_calendar_params', $ef_cal_js_params ); + /** + * Upgrade our data in case we need to + * + * @since 0.7 + */ + public function upgrade( $previous_version ) { + global $edit_flow; + + // Upgrade path to v0.7 + if ( version_compare( $previous_version, '0.7', '<' ) ) { + // Migrate whether the calendar was enabled or not and clean up old option + $enabled = get_option( 'edit_flow_calendar_enabled' ); + if ( $enabled ) { + $enabled = 'on'; + } else { + $enabled = 'off'; + } + $edit_flow->update_module_option( $this->module->name, 'enabled', $enabled ); + delete_option( 'edit_flow_calendar_enabled' ); - /** - * Powering the new React interface - */ - wp_enqueue_script( 'edit-flow-calendar-react-js', $this->module_url . 'lib/dist/calendar.react.build.js', array( 'react', 'react-dom', 'wp-components', 'wp-url', 'wp-data', 'moment' ), EDIT_FLOW_VERSION, true ); + // Technically we've run this code before so we don't want to auto-install new data + $edit_flow->update_module_option( $this->module->name, 'loaded_once', true ); + } + } - wp_add_inline_script( - 'edit-flow-calendar-react-js', - 'var EF_CALENDAR = ' . wp_json_encode( $this->get_calendar_frontend_config() ), - 'before' - ); + /** + * Add the calendar link underneath the "Dashboard" + * + * @uses add_submenu_page + */ + public function action_admin_menu() { + add_submenu_page( 'index.php', __( 'Calendar', 'edit-flow' ), __( 'Calendar', 'edit-flow' ), apply_filters( 'ef_view_calendar_cap', 'ef_view_calendar' ), $this->module->slug, array( $this, 'view_calendar' ) ); + } + + /** + * Add any necessary CSS to the WordPress admin + * + * @uses wp_enqueue_style() + */ + public function add_admin_styles() { + global $pagenow; + // Only load calendar styles on the calendar page + if ( 'index.php' === $pagenow && isset( $_GET['page'] ) && 'calendar' === $_GET['page'] ) { + wp_enqueue_style( 'edit-flow-calendar-css', $this->module_url . 'lib/calendar.css', false, EDIT_FLOW_VERSION ); + wp_enqueue_style( 'edit-flow-calendar-react-css', $this->module_url . 'lib/dist/calendar.react.style.build.css', array( 'wp-components' ), EDIT_FLOW_VERSION ); + } } - } + /** + * Add any necessary JS to the WordPress admin + * + * @since 0.7 + * @uses wp_enqueue_script() + */ + public function enqueue_admin_scripts() { + global $pagenow; + + if ( 'index.php' === $pagenow && isset( $_GET['page'] ) && 'calendar' === $_GET['page'] ) { + $this->enqueue_datepicker_resources(); + + $js_libraries = array( + 'jquery', + 'jquery-ui-core', + 'jquery-ui-sortable', + 'jquery-ui-draggable', + 'jquery-ui-droppable', + 'wp-data', + ); + foreach ( $js_libraries as $js_library ) { + wp_enqueue_script( $js_library ); + } + wp_enqueue_script( 'edit-flow-calendar-js', $this->module_url . 'lib/calendar.js', $js_libraries, EDIT_FLOW_VERSION, true ); + + $ef_cal_js_params = array( 'can_add_posts' => current_user_can( $this->create_post_cap ) ? 'true' : 'false' ); + wp_localize_script( 'edit-flow-calendar-js', 'ef_calendar_params', $ef_cal_js_params ); - /** - * Prepare the options that need to appear in Screen Options - * - * @since 0.7 - */ - function generate_screen_options() { + /** + * Powering the new React interface + */ + wp_enqueue_script( 'edit-flow-calendar-react-js', $this->module_url . 'lib/dist/calendar.react.build.js', array( 'react', 'react-dom', 'wp-components', 'wp-url', 'wp-data', 'moment' ), EDIT_FLOW_VERSION, true ); - $output = ''; + wp_add_inline_script( + 'edit-flow-calendar-react-js', + 'var EF_CALENDAR = ' . wp_json_encode( $this->get_calendar_frontend_config() ), + 'before' + ); + } + } - $args = array( + /** + * Prepare the options that need to appear in Screen Options + * + * @since 0.7 + */ + public function generate_screen_options() { + + $output = ''; + + $args = array( 'action' => 'ef_calendar_ics_subscription', 'user' => wp_get_current_user()->user_login, 'user_key' => md5( wp_get_current_user()->user_login . $this->module->options->ics_secret_key ), ); - $subscription_link = add_query_arg( $args, admin_url( 'admin-ajax.php' ) ); - $output .= '
'; - $output .= __( 'Subscribe in iCal or Google Calendar', 'edit-flow' ); - $output .= ':
'; - - return $output; - } - - /** - * Add module options to the screen panel - * - * @since 0.8.3 - */ - function add_screen_options_panel() { - require_once( EDIT_FLOW_ROOT . '/common/php/' . 'screen-options.php' ); - if ( 'on' == $this->module->options->ics_subscription && $this->module->options->ics_secret_key ) { - add_screen_options_panel( self::usermeta_key_prefix . 'screen_options', __( 'Calendar Options', 'edit-flow' ), array( $this, 'generate_screen_options' ), self::screen_id, false, true ); - } - } - - /** - * Handle the request to save the screen options - * - * @since 0.7 - */ - function handle_save_screen_options() { - - // Only handle screen options submissions from the current screen - if ( ! isset( $_POST['screen-options-apply'] ) ) - return; - - // Nonce check - // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized - if ( !isset( $_POST['_wpnonce-' . self::usermeta_key_prefix . 'screen_options'] ) || !wp_verify_nonce ( $_POST['_wpnonce-' . self::usermeta_key_prefix . 'screen_options'], 'save_settings-' . self::usermeta_key_prefix . 'screen_options' ) ) { - wp_die( esc_html( $this->module->messages['nonce-failed'] ) ); - } + $subscription_link = add_query_arg( $args, admin_url( 'admin-ajax.php' ) ); + $output .= '
'; + $output .= __( 'Subscribe in iCal or Google Calendar', 'edit-flow' ); + $output .= ':
'; - // Get the current screen options - $screen_options = $this->get_screen_options(); - - // Save the screen options - $current_user = wp_get_current_user(); - $this->update_user_meta( $current_user->ID, self::usermeta_key_prefix . 'screen_options', $screen_options ); - - // Redirect after we're complete - $redirect_to = menu_page_url( $this->module->slug, false ); - wp_redirect( $redirect_to ); - exit; - } - - /** - * Handle an AJAX request from the calendar to update a post's timestamp. - * Notes: - * - For Post Time, if the post is unpublished, the change sets the publication timestamp - * - If the post was published or scheduled for the future, the change will change the timestamp. 'publish' posts - * will become scheduled if moved past today and 'future' posts will be published if moved before today - * - Need to respect user permissions. Editors can move all, authors can move their own, and contributors can't move at all - * - * @since 0.7 - */ - function handle_ajax_drag_and_drop() { - global $wpdb; - - // Nonce check! - if ( !isset( $_POST['nonce'] ) || !wp_verify_nonce( $_POST['nonce'], 'ef-calendar-modify' ) ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized - $this->print_ajax_response( 'error', $this->module->messages['nonce-failed'] ); + return $output; } - if ( !isset( $_POST['post_id'] ) ) { - $this->print_ajax_response( 'error', $this->module->messages['missing-post'] ); + /** + * Add module options to the screen panel + * + * @since 0.8.3 + */ + public function add_screen_options_panel() { + require_once EDIT_FLOW_ROOT . '/common/php/screen-options.php'; + if ( 'on' == $this->module->options->ics_subscription && $this->module->options->ics_secret_key ) { + add_screen_options_panel( self::usermeta_key_prefix . 'screen_options', __( 'Calendar Options', 'edit-flow' ), array( $this, 'generate_screen_options' ), self::screen_id, false, true ); + } } - // Check that we got a proper post - $post_id = (int) $_POST['post_id']; - $post = get_post( $post_id ); - if ( !$post ) { - $this->print_ajax_response( 'error', $this->module->messages['missing-post'] ); - } + /** + * Handle the request to save the screen options + * + * @since 0.7 + */ + public function handle_save_screen_options() { - // Check that the user can modify the post - if ( !$this->current_user_can_modify_post( $post ) ) { - $this->print_ajax_response( 'error', $this->module->messages['invalid-permissions'] ); - } + // Only handle screen options submissions from the current screen + if ( ! isset( $_POST['screen-options-apply'] ) ) { + return; + } - // Check that it's not yet published - if ( in_array( $post->post_status, $this->published_statuses ) ) { - $this->print_ajax_response( 'error', sprintf( $this->module->messages['published-post-ajax'], get_edit_post_link( $post_id ) ) ); - } + // Nonce check + // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized + if ( ! isset( $_POST[ '_wpnonce-' . self::usermeta_key_prefix . 'screen_options' ] ) || ! wp_verify_nonce( $_POST[ '_wpnonce-' . self::usermeta_key_prefix . 'screen_options' ], 'save_settings-' . self::usermeta_key_prefix . 'screen_options' ) ) { + wp_die( esc_html( $this->module->messages['nonce-failed'] ) ); + } - if ( !isset( $_POST['next_date'] ) ) { - $this->print_ajax_response( 'error', __( 'Missing new date.', 'edit-flow' ) ); - } + // Get the current screen options + $screen_options = $this->get_screen_options(); + + // Save the screen options + $current_user = wp_get_current_user(); + $this->update_user_meta( $current_user->ID, self::usermeta_key_prefix . 'screen_options', $screen_options ); - // Check that the new date passed is a valid one - $next_date_full = strtotime( $_POST['next_date'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized - if ( !$next_date_full ) { - $this->print_ajax_response( 'error', __( 'Something is wrong with the format for the new date.', 'edit-flow' ) ); + // Redirect after we're complete + $redirect_to = menu_page_url( $this->module->slug, false ); + wp_redirect( $redirect_to ); + exit; } - // Persist the old hourstamp because we can't manipulate the exact time on the calendar - // Bump the last modified timestamps too - $existing_time = date( 'H:i:s', strtotime( $post->post_date ) ); - $existing_time_gmt = date( 'H:i:s', strtotime( $post->post_date_gmt ) ); - $new_values = array( - 'post_date' => date( 'Y-m-d', $next_date_full ) . ' ' . $existing_time, - 'post_modified' => current_time( 'mysql' ), - 'post_modified_gmt' => current_time( 'mysql', 1 ), - ); + /** + * Handle an AJAX request from the calendar to update a post's timestamp. + * Notes: + * - For Post Time, if the post is unpublished, the change sets the publication timestamp + * - If the post was published or scheduled for the future, the change will change the timestamp. 'publish' posts + * will become scheduled if moved past today and 'future' posts will be published if moved before today + * - Need to respect user permissions. Editors can move all, authors can move their own, and contributors can't move at all + * + * @since 0.7 + */ + public function handle_ajax_drag_and_drop() { + global $wpdb; - // By default, changing a post on the calendar won't set the timestamp. - // If the user desires that to be the behaviour, they can set the result of this filter to 'true' - // With how WordPress works internally, setting 'post_date_gmt' will set the timestamp - if ( apply_filters( 'ef_calendar_allow_ajax_to_set_timestamp', false ) ) { - $new_values['post_date_gmt'] = date( 'Y-m-d', $next_date_full ) . ' ' . $existing_time_gmt; - } + // Nonce check! + if ( ! isset( $_POST['nonce'] ) || ! wp_verify_nonce( $_POST['nonce'], 'ef-calendar-modify' ) ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized + $this->print_ajax_response( 'error', $this->module->messages['nonce-failed'] ); + } - // We have to do SQL unfortunately because of core bugginess - // Note to those reading this: bug Nacin to allow us to finish the custom status API - // See http://core.trac.wordpress.org/ticket/18362 - $response = $wpdb->update( $wpdb->posts, $new_values, array( 'ID' => $post->ID ) ); - clean_post_cache( $post->ID ); + if ( ! isset( $_POST['post_id'] ) ) { + $this->print_ajax_response( 'error', $this->module->messages['missing-post'] ); + } - if ( !$response ) { - $this->print_ajax_response( 'error', $this->module->messages['update-error'] ); - } + // Check that we got a proper post + $post_id = (int) $_POST['post_id']; + $post = get_post( $post_id ); + if ( ! $post ) { + $this->print_ajax_response( 'error', $this->module->messages['missing-post'] ); + } - $this->print_ajax_response( 'success', $this->module->messages['post-date-updated'] ); - exit; - } - - /** - * After checking that the request is valid, do an .ics file - * - * @since 0.8 - */ - function handle_ics_subscription() { - - // Only do .ics subscriptions when the option is active - if ( 'on' != $this->module->options->ics_subscription ) - die(); // @todo return accepted response value. - - // Confirm all of the arguments are present - if ( ! isset( $_GET['user'], $_GET['user_key'] ) ) // phpcs:ignore WordPress.Security.NonceVerification.Recommended - die(); // @todo return an error response - - // Confirm this is a valid request - $user = sanitize_user( $_GET['user'] ); // phpcs:ignore WordPress.Security.NonceVerification.Recommended - $user_key = sanitize_user( $_GET['user_key'] ); // phpcs:ignore WordPress.Security.NonceVerification.Recommended - $ics_secret_key = $this->module->options->ics_secret_key; - if ( ! $ics_secret_key || md5( $user . $ics_secret_key ) !== $user_key ) { - die( esc_html( $this->module->messages['nonce-failed'] ) ); - } + // Check that the user can modify the post + if ( ! $this->current_user_can_modify_post( $post ) ) { + $this->print_ajax_response( 'error', $this->module->messages['invalid-permissions'] ); + } + + // Check that it's not yet published + if ( in_array( $post->post_status, $this->published_statuses ) ) { + $this->print_ajax_response( 'error', sprintf( $this->module->messages['published-post-ajax'], get_edit_post_link( $post_id ) ) ); + } - // Set up the post data to be printed - $post_query_args = array(); - $calendar_filters = $this->calendar_filters(); - foreach( $calendar_filters as $filter ) { - if ( isset( $_GET[$filter] ) && false !== ( $value = $this->sanitize_filter( $filter, $_GET[$filter] ) ) ) //phpcs:ignore WordPress.Security.NonceVerification.Recommended - $post_query_args[$filter] = $value; + if ( ! isset( $_POST['next_date'] ) ) { + $this->print_ajax_response( 'error', __( 'Missing new date.', 'edit-flow' ) ); + } + + // Check that the new date passed is a valid one + $next_date_full = strtotime( $_POST['next_date'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized + if ( ! $next_date_full ) { + $this->print_ajax_response( 'error', __( 'Something is wrong with the format for the new date.', 'edit-flow' ) ); + } + + // Persist the old hourstamp because we can't manipulate the exact time on the calendar + // Bump the last modified timestamps too + $existing_time = date( 'H:i:s', strtotime( $post->post_date ) ); + $existing_time_gmt = date( 'H:i:s', strtotime( $post->post_date_gmt ) ); + $new_values = array( + 'post_date' => date( 'Y-m-d', $next_date_full ) . ' ' . $existing_time, + 'post_modified' => current_time( 'mysql' ), + 'post_modified_gmt' => current_time( 'mysql', 1 ), + ); + + // By default, changing a post on the calendar won't set the timestamp. + // If the user desires that to be the behaviour, they can set the result of this filter to 'true' + // With how WordPress works internally, setting 'post_date_gmt' will set the timestamp + if ( apply_filters( 'ef_calendar_allow_ajax_to_set_timestamp', false ) ) { + $new_values['post_date_gmt'] = date( 'Y-m-d', $next_date_full ) . ' ' . $existing_time_gmt; + } + + // We have to do SQL unfortunately because of core bugginess + // Note to those reading this: bug Nacin to allow us to finish the custom status API + // See http://core.trac.wordpress.org/ticket/18362 + $response = $wpdb->update( $wpdb->posts, $new_values, array( 'ID' => $post->ID ) ); + clean_post_cache( $post->ID ); + + if ( ! $response ) { + $this->print_ajax_response( 'error', $this->module->messages['update-error'] ); + } + + $this->print_ajax_response( 'success', $this->module->messages['post-date-updated'] ); + exit; } - // Set the start date for the posts_where filter - $this->start_date = apply_filters( 'ef_calendar_ics_subscription_start_date', $this->get_beginning_of_week( date( 'Y-m-d', current_time( 'timestamp' ) ) ) ); - - $this->total_weeks = apply_filters( 'ef_calendar_total_weeks', $this->total_weeks, 'ics_subscription' ); - - $formatted_posts = array(); - for( $current_week = 1; $current_week <= $this->total_weeks; $current_week++ ) { - // We need to set the object variable for our posts_where filter - $this->current_week = $current_week; - $week_posts = $this->get_calendar_posts_for_week( $post_query_args, 'ics_subscription' ); - foreach( $week_posts as $date => $day_posts ) { - foreach( $day_posts as $num => $post ) { - - $start_date = self::ics_format_time( $post->post_date ); - $end_date = self::ics_format_time( $post->post_date, 5 * MINUTE_IN_SECONDS ); - $last_modified = self::ics_format_time( $post->post_modified ); - $post_status_obj = get_post_status_object( get_post_status( $post->ID ) ); - // Remove the convert chars and wptexturize filters from the title - remove_filter( 'the_title', 'convert_chars' ); - remove_filter( 'the_title', 'wptexturize' ); - - $formatted_post = array( - 'BEGIN' => 'VEVENT', - 'UID' => $post->guid, - 'SUMMARY' => $this->do_ics_escaping( apply_filters( 'the_title', $post->post_title ) ) . ' - ' . $post_status_obj->label, - 'DTSTART' => $start_date, - 'DTEND' => $end_date, - 'LAST-MODIFIED' => $last_modified, - 'URL' => get_post_permalink( $post->ID ), - ); + /** + * After checking that the request is valid, do an .ics file + * + * @since 0.8 + */ + public function handle_ics_subscription() { - // Description should include everything visible in the calendar popup - $information_fields = $this->get_post_information_fields( $post ); - $formatted_post['DESCRIPTION'] = ''; - if ( ! empty( $information_fields ) ) { - foreach( $information_fields as $key => $values ) { - $formatted_post['DESCRIPTION'] .= $values['label'] . ': ' . $values['value'] . '\n'; + // Only do .ics subscriptions when the option is active + if ( 'on' != $this->module->options->ics_subscription ) { + die(); // @todo return accepted response value. + } + + // Confirm all of the arguments are present + if ( ! isset( $_GET['user'], $_GET['user_key'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended + die(); // @todo return an error response + } + + // Confirm this is a valid request + $user = sanitize_user( $_GET['user'] ); // phpcs:ignore WordPress.Security.NonceVerification.Recommended + $user_key = sanitize_user( $_GET['user_key'] ); // phpcs:ignore WordPress.Security.NonceVerification.Recommended + $ics_secret_key = $this->module->options->ics_secret_key; + if ( ! $ics_secret_key || md5( $user . $ics_secret_key ) !== $user_key ) { + die( esc_html( $this->module->messages['nonce-failed'] ) ); + } + + // Set up the post data to be printed + $post_query_args = array(); + $calendar_filters = $this->calendar_filters(); + foreach ( $calendar_filters as $filter ) { + if ( isset( $_GET[ $filter ] ) && false !== ( $value = $this->sanitize_filter( $filter, $_GET[ $filter ] ) ) ) { //phpcs:ignore WordPress.Security.NonceVerification.Recommended + $post_query_args[ $filter ] = $value; + } + } + + // Set the start date for the posts_where filter + $this->start_date = apply_filters( 'ef_calendar_ics_subscription_start_date', $this->get_beginning_of_week( date( 'Y-m-d', current_time( 'timestamp' ) ) ) ); + + $this->total_weeks = apply_filters( 'ef_calendar_total_weeks', $this->total_weeks, 'ics_subscription' ); + + $formatted_posts = array(); + for ( $current_week = 1; $current_week <= $this->total_weeks; $current_week++ ) { + // We need to set the object variable for our posts_where filter + $this->current_week = $current_week; + $week_posts = $this->get_calendar_posts_for_week( $post_query_args, 'ics_subscription' ); + foreach ( $week_posts as $date => $day_posts ) { + foreach ( $day_posts as $num => $post ) { + + $start_date = self::ics_format_time( $post->post_date ); + $end_date = self::ics_format_time( $post->post_date, 5 * MINUTE_IN_SECONDS ); + $last_modified = self::ics_format_time( $post->post_modified ); + $post_status_obj = get_post_status_object( get_post_status( $post->ID ) ); + // Remove the convert chars and wptexturize filters from the title + remove_filter( 'the_title', 'convert_chars' ); + remove_filter( 'the_title', 'wptexturize' ); + + $formatted_post = array( + 'BEGIN' => 'VEVENT', + 'UID' => $post->guid, + 'SUMMARY' => $this->do_ics_escaping( apply_filters( 'the_title', $post->post_title ) ) . ' - ' . $post_status_obj->label, + 'DTSTART' => $start_date, + 'DTEND' => $end_date, + 'LAST-MODIFIED' => $last_modified, + 'URL' => get_post_permalink( $post->ID ), + ); + + // Description should include everything visible in the calendar popup + $information_fields = $this->get_post_information_fields( $post ); + $formatted_post['DESCRIPTION'] = ''; + if ( ! empty( $information_fields ) ) { + foreach ( $information_fields as $key => $values ) { + $formatted_post['DESCRIPTION'] .= $values['label'] . ': ' . $values['value'] . '\n'; + } + $formatted_post['DESCRIPTION'] = rtrim( $formatted_post['DESCRIPTION'] ); } - $formatted_post['DESCRIPTION'] = rtrim( $formatted_post['DESCRIPTION'] ); - } - $formatted_post['END'] = 'VEVENT'; + $formatted_post['END'] = 'VEVENT'; - // @todo auto format any field longer than 75 bytes + // @todo auto format any field longer than 75 bytes - $formatted_posts[] = $formatted_post; + $formatted_posts[] = $formatted_post; + } } } - } - // Other template data - $header = array( + // Other template data + $header = array( 'BEGIN' => 'VCALENDAR', 'VERSION' => '2.0', 'PRODID' => '-//Edit Flow//Edit Flow ' . EDIT_FLOW_VERSION . '//EN', ); - $footer = array( + $footer = array( 'END' => 'VCALENDAR', ); - // Render the .ics template and set the content type - header( 'Content-type: text/calendar' ); - foreach( array( $header, $formatted_posts, $footer ) as $section ) { - foreach( $section as $key => $value ) { - /** - * This is output to text/calendar content-type - */ - if ( is_string( $value ) ) - echo $this->do_ics_line_folding( $key . ':' . $value ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped - else - foreach( $value as $k => $v ) { - echo $this->do_ics_line_folding( $k . ':' . $v ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped + // Render the .ics template and set the content type + header( 'Content-type: text/calendar' ); + foreach ( array( $header, $formatted_posts, $footer ) as $section ) { + foreach ( $section as $key => $value ) { + /** + * This is output to text/calendar content-type + */ + if ( is_string( $value ) ) { + echo $this->do_ics_line_folding( $key . ':' . $value ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped + } else { + foreach ( $value as $k => $v ) { + echo $this->do_ics_line_folding( $k . ':' . $v ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped + } } + } } - } - die(); - - } - - /** - * Perform line folding according to RFC 5545. - * - * @param string $line The line without trailing CRLF - * @return string The line after line-folding with all necessary CRLF. - */ - function do_ics_line_folding( $line ) { - $len = mb_strlen( $line ); - if ( $len <= 75) { - return $line . "\r\n"; + die(); } - $chunks = array(); - $start = 0; - while( true ) { - $chunk = mb_substr( $line, $start, 75 ); - $chunkLen = mb_strlen( $chunk ); - $start += $chunkLen; - if ( $start < $len ) { - $chunks[] = $chunk . "\r\n "; + /** + * Perform line folding according to RFC 5545. + * + * @param string $line The line without trailing CRLF + * @return string The line after line-folding with all necessary CRLF. + */ + public function do_ics_line_folding( $line ) { + $len = mb_strlen( $line ); + if ( $len <= 75 ) { + return $line . "\r\n"; } - else { - $chunks[] = $chunk ."\r\n"; - return implode( "", $chunks ); + + $chunks = array(); + $start = 0; + while ( true ) { + $chunk = mb_substr( $line, $start, 75 ); + $chunk_len = mb_strlen( $chunk ); + $start += $chunk_len; + if ( $start < $len ) { + $chunks[] = $chunk . "\r\n "; + } else { + $chunks[] = $chunk . "\r\n"; + return implode( '', $chunks ); + } } } - } - - /** - * Perform the encoding necessary for ICS feed text. - * - * @param string $text The string that needs to be escaped - * @return string The string after escaping for ICS. - * @since 0.8 - * */ - - function do_ics_escaping( $text ) { - $text = str_replace( ",", "\,", $text ); - $text = str_replace( ";", "\:", $text ); - $text = str_replace( "\\", "\\\\", $text ); - return $text; - } - - /** - * Convert a time string into a `.ics` formatted time string with the proper GMT offset - * - * @param $time_string - Any time string that `strtotime()` can understand - * @param int $offset_in_seconds - Allows to offset the timestamp generated from $time_string - * - * @return string|false - */ - public static function ics_format_time( $time_string, $offset_in_seconds = 0) { - - // Timestamp it - $timestamp = strtotime( $time_string ); - - if( ! $timestamp ) { - return false; - } - // Subtract GMT Offset to return to UTC+0 - $timestamp -= get_option('gmt_offset') * HOUR_IN_SECONDS; + /** + * Perform the encoding necessary for ICS feed text. + * + * @param string $text The string that needs to be escaped + * @return string The string after escaping for ICS. + * @since 0.8 + * */ + + public function do_ics_escaping( $text ) { + $text = str_replace( ',', '\,', $text ); + $text = str_replace( ';', '\:', $text ); + $text = str_replace( '\\', '\\\\', $text ); + return $text; + } - // Add manual offset - $timestamp += $offset_in_seconds; + /** + * Convert a time string into a `.ics` formatted time string with the proper GMT offset + * + * @param $time_string - Any time string that `strtotime()` can understand + * @param int $offset_in_seconds - Allows to offset the timestamp generated from $time_string + * + * @return string|false + */ + public static function ics_format_time( $time_string, $offset_in_seconds = 0 ) { - // \T and \Z are escaped for literal T and Z characters - return date( 'Ymd\THis\Z', $timestamp ); + // Timestamp it + $timestamp = strtotime( $time_string ); - } + if ( ! $timestamp ) { + return false; + } - /** - * Handle a request to regenerate the calendar feed secret - * - * @since 0.8 - */ - public function handle_regenerate_calendar_feed_secret() { + // Subtract GMT Offset to return to UTC+0 + $timestamp -= get_option( 'gmt_offset' ) * HOUR_IN_SECONDS; - if ( ! isset( $_GET['action'] ) || 'ef_calendar_regenerate_calendar_feed_secret' != $_GET['action'] ) - return; + // Add manual offset + $timestamp += $offset_in_seconds; - if ( ! current_user_can( 'manage_options' ) ) { - wp_die( esc_html( $this->module->messages['invalid-permissions'] ) ); + // \T and \Z are escaped for literal T and Z characters + return date( 'Ymd\THis\Z', $timestamp ); } - if ( ! isset( $_GET['_wpnonce'] ) || ! wp_verify_nonce( $_GET['_wpnonce'], 'ef-regenerate-ics-key' ) ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized - wp_die( esc_html( $this->module->messages['nonce-failed'] ) ); - } + /** + * Handle a request to regenerate the calendar feed secret + * + * @since 0.8 + */ + public function handle_regenerate_calendar_feed_secret() { - EditFlow()->update_module_option( $this->module->name, 'ics_secret_key', wp_generate_password() ); + if ( ! isset( $_GET['action'] ) || 'ef_calendar_regenerate_calendar_feed_secret' != $_GET['action'] ) { + return; + } - wp_safe_redirect( add_query_arg( 'message', 'key-regenerated', menu_page_url( $this->module->settings_slug, false ) ) ); - exit; - } + if ( ! current_user_can( 'manage_options' ) ) { + wp_die( esc_html( $this->module->messages['invalid-permissions'] ) ); + } - /** - * Get a user's screen options - * - * @since 0.7 - * @uses get_user_meta() - * - * @return array $screen_options The screen options values - */ - function get_screen_options() { + if ( ! isset( $_GET['_wpnonce'] ) || ! wp_verify_nonce( $_GET['_wpnonce'], 'ef-regenerate-ics-key' ) ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized + wp_die( esc_html( $this->module->messages['nonce-failed'] ) ); + } + + EditFlow()->update_module_option( $this->module->name, 'ics_secret_key', wp_generate_password() ); + + wp_safe_redirect( add_query_arg( 'message', 'key-regenerated', menu_page_url( $this->module->settings_slug, false ) ) ); + exit; + } /** - * `num_weeks` has been moved to a filter and out of screen options, it's maintained here for legacy purposes - * @deprecated `num_weeks` + * Get a user's screen options + * + * @since 0.7 + * @uses get_user_meta() + * + * @return array $screen_options The screen options values */ - $defaults = array( - 'num_weeks' => (int)$this->total_weeks, - ); - $current_user = wp_get_current_user(); - $screen_options = $this->get_user_meta( $current_user->ID, self::usermeta_key_prefix . 'screen_options', true ); - $screen_options = array_merge( (array)$defaults, (array)$screen_options ); - - return $screen_options; - } - - /** - * Get the user's filters for calendar, either with $_GET or from saved - * - * @uses get_user_meta() - * @return array $filters All of the set or saved calendar filters - */ - function get_filters() { - $current_user = wp_get_current_user(); - $filters = array(); - $old_filters = $this->get_user_meta( $current_user->ID, self::usermeta_key_prefix . 'filters', true ); + public function get_screen_options() { + + /** + * `num_weeks` has been moved to a filter and out of screen options, it's maintained here for legacy purposes + * @deprecated `num_weeks` + */ + $defaults = array( + 'num_weeks' => (int) $this->total_weeks, + ); + $current_user = wp_get_current_user(); + $screen_options = $this->get_user_meta( $current_user->ID, self::usermeta_key_prefix . 'screen_options', true ); + $screen_options = array_merge( (array) $defaults, (array) $screen_options ); + + return $screen_options; + } /** - * To support legacy screen option for num_weeks + * Get the user's filters for calendar, either with $_GET or from saved + * + * @uses get_user_meta() + * @return array $filters All of the set or saved calendar filters */ - $screen_options = $this->get_user_meta( $current_user->ID, self::usermeta_key_prefix . 'screen_options', true ); + public function get_filters() { + $current_user = wp_get_current_user(); + $filters = array(); + $old_filters = $this->get_user_meta( $current_user->ID, self::usermeta_key_prefix . 'filters', true ); - $default_filters = array( + /** + * To support legacy screen option for num_weeks + */ + $screen_options = $this->get_user_meta( $current_user->ID, self::usermeta_key_prefix . 'screen_options', true ); + + $default_filters = array( 'post_status' => '', 'cpt' => '', 'cat' => '', @@ -634,68 +642,69 @@ function get_filters() { 'num_weeks' => $this->total_weeks, 'start_date' => date( 'Y-m-d', current_time( 'timestamp' ) ), ); - $old_filters = array_merge( $default_filters, isset( $screen_options['num_weeks'] ) ? array( 'num_weeks' => $screen_options['num_weeks'] ) : array(), (array)$old_filters ); - - // Sanitize and validate any newly added filters - foreach( $old_filters as $key => $old_value ) { - if ( isset( $_GET[$key] ) && false !== ( $new_value = $this->sanitize_filter( $key, $_GET[$key] ) ) ) - $filters[$key] = $new_value; - else - $filters[$key] = $old_value; - } + $old_filters = array_merge( $default_filters, isset( $screen_options['num_weeks'] ) ? array( 'num_weeks' => $screen_options['num_weeks'] ) : array(), (array) $old_filters ); - // Set the start date as the beginning of the week, according to blog settings - $filters['start_date'] = $this->get_beginning_of_week( $filters['start_date'] ); + // Sanitize and validate any newly added filters + foreach ( $old_filters as $key => $old_value ) { + if ( isset( $_GET[ $key ] ) && false !== ( $new_value = $this->sanitize_filter( $key, $_GET[ $key ] ) ) ) { + $filters[ $key ] = $new_value; + } else { + $filters[ $key ] = $old_value; + } + } - $filters = apply_filters( 'ef_calendar_filter_values', $filters, $old_filters ); + // Set the start date as the beginning of the week, according to blog settings + $filters['start_date'] = $this->get_beginning_of_week( $filters['start_date'] ); - $this->update_user_meta( $current_user->ID, self::usermeta_key_prefix . 'filters', $filters ); + $filters = apply_filters( 'ef_calendar_filter_values', $filters, $old_filters ); - return $filters; - } + $this->update_user_meta( $current_user->ID, self::usermeta_key_prefix . 'filters', $filters ); - /** - * Build all of the HTML for the calendar view - */ - function view_calendar() { - $supported_post_types = $this->get_post_types_for_module( $this->module ); + return $filters; + } - // Get filters either from $_GET or from user settings - $filters = $this->get_filters(); + /** + * Build all of the HTML for the calendar view + */ + public function view_calendar() { + $supported_post_types = $this->get_post_types_for_module( $this->module ); - // Total number of weeks to display on the calendar. Run it through a filter in case we want to override the - // user's standard - $this->total_weeks = apply_filters( 'ef_calendar_total_weeks', $filters['num_weeks'], 'dashboard' ); + // Get filters either from $_GET or from user settings + $filters = $this->get_filters(); - $dotw = array( - 'Sat', - 'Sun', - ); - $dotw = apply_filters( 'ef_calendar_weekend_days', $dotw ); - - // For generating the WP Query objects later on - $post_query_args = array( - 'post_status' => $filters['post_status'], - 'post_type' => $filters['cpt'], - 'cat' => $filters['cat'], - 'author' => $filters['author'] - ); - $this->start_date = $filters['start_date']; + // Total number of weeks to display on the calendar. Run it through a filter in case we want to override the + // user's standard + $this->total_weeks = apply_filters( 'ef_calendar_total_weeks', $filters['num_weeks'], 'dashboard' ); - // We use this later to label posts if they need labeling - if ( count( $supported_post_types ) > 1 ) { - $all_post_types = get_post_types( null, 'objects' ); - } - $dates = array(); - $heading_date = $filters['start_date']; - for ( $i=0; $i<7; $i++ ) { - $dates[$i] = $heading_date; - $heading_date = date( 'Y-m-d', strtotime( "+1 day", strtotime( $heading_date ) ) ); - } + $dotw = array( + 'Sat', + 'Sun', + ); + $dotw = apply_filters( 'ef_calendar_weekend_days', $dotw ); + + // For generating the WP Query objects later on + $post_query_args = array( + 'post_status' => $filters['post_status'], + 'post_type' => $filters['cpt'], + 'cat' => $filters['cat'], + 'author' => $filters['author'], + ); + $this->start_date = $filters['start_date']; - // we sort by post statuses....... eventually - $post_statuses = $this->get_calendar_post_stati(); - ?> + // We use this later to label posts if they need labeling + if ( count( $supported_post_types ) > 1 ) { + $all_post_types = get_post_types( null, 'objects' ); + } + $dates = array(); + $heading_date = $filters['start_date']; + for ( $i = 0; $i < 7; $i++ ) { + $dates[ $i ] = $heading_date; + $heading_date = date( 'Y-m-d', strtotime( '+1 day', strtotime( $heading_date ) ) ); + } + + // we sort by post statuses....... eventually + $post_statuses = $this->get_calendar_post_stati(); + ?>
module->img_url ) . '" class="module-icon icon32" />'; ?> @@ -704,23 +713,25 @@ function view_calendar() {

'; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped - if ( isset( $_GET['trashed'] ) && (int) $_GET['trashed'] ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized - echo esc_html( sprintf( _n( 'Post moved to the trash.', '%d posts moved to the trash.', $_GET['trashed'] ), number_format_i18n( $_GET['trashed'] ) ) ); - $ids = isset($_GET['ids']) ? $_GET['ids'] : 0; - $pid = explode( ',', $ids ); - $post_type = get_post_type( $pid[0] ); - echo ' ' . esc_html__( 'Undo', 'edit-flow' ) . '
'; - unset( $_GET['trashed'] ); - } - if ( isset($_GET['untrashed'] ) && (int) $_GET['untrashed'] ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized - echo esc_html( sprintf( _n( 'Post restored from the Trash.', '%d posts restored from the Trash.', $_GET['untrashed'] ), number_format_i18n( $_GET['untrashed'] ) ) ); - unset( $_GET['undeleted'] ); - } - echo '

'; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped + if ( isset( $_GET['trashed'] ) || isset( $_GET['untrashed'] ) ) { + + echo '

'; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped + if ( isset( $_GET['trashed'] ) && (int) $_GET['trashed'] ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized + /* translators: %d: number of posts trashed */ + echo esc_html( sprintf( _n( 'Post moved to the trash.', '%d posts moved to the trash.', $_GET['trashed'] ), number_format_i18n( $_GET['trashed'] ) ) ); + $ids = isset( $_GET['ids'] ) ? $_GET['ids'] : 0; + $pid = explode( ',', $ids ); + $post_type = get_post_type( $pid[0] ); + echo ' ' . esc_html__( 'Undo', 'edit-flow' ) . '
'; + unset( $_GET['trashed'] ); + } + if ( isset( $_GET['untrashed'] ) && (int) $_GET['untrashed'] ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized + /* translators: %d: number of posts restored */ + echo esc_html( sprintf( _n( 'Post restored from the Trash.', '%d posts restored from the Trash.', $_GET['untrashed'] ), number_format_i18n( $_GET['untrashed'] ) ) ); + unset( $_GET['undeleted'] ); } + echo '

'; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped + } ?>
@@ -730,12 +741,13 @@ function view_calendar() { total_weeks == 1 ) - $table_classes[] = 'one-week-showing'; - elseif ( $this->total_weeks == 2 ) - $table_classes[] = 'two-weeks-showing'; - elseif ( $this->total_weeks == 3 ) - $table_classes[] = 'three-weeks-showing'; + if ( 1 == $this->total_weeks ) { + $table_classes[] = 'one-week-showing'; + } elseif ( 2 == $this->total_weeks ) { + $table_classes[] = 'two-weeks-showing'; + } elseif ( 3 == $this->total_weeks ) { + $table_classes[] = 'three-weeks-showing'; + } $table_classes = apply_filters( 'ef_calendar_table_classes', $table_classes ); ?> @@ -749,7 +761,7 @@ function view_calendar() { total_weeks; $current_week++ ): + for ( $current_week = 1; $current_week <= $this->total_weeks; $current_week++ ) : // We need to set the object variable for our posts_where filter $this->current_week = $current_week; $week_posts = $this->get_calendar_posts_for_week( $post_query_args ); @@ -757,103 +769,108 @@ function view_calendar() { $week_single_date = $this->get_beginning_of_week( $filters['start_date'], $date_format, $current_week ); $week_dates = array(); $split_month = false; - for ( $i = 0 ; $i < 7; $i++ ) { - $week_dates[$i] = $week_single_date; + for ( $i = 0; $i < 7; $i++ ) { + $week_dates[ $i ] = $week_single_date; $single_date_month = date_i18n( 'F', strtotime( $week_single_date ) ); if ( $single_date_month != $current_month ) { $split_month = $single_date_month; $current_month = $single_date_month; } - $week_single_date = date( 'Y-m-d', strtotime( "+1 day", strtotime( $week_single_date ) ) ); + $week_single_date = date( 'Y-m-d', strtotime( '+1 day', strtotime( $week_single_date ) ) ); } - ?> - + ?> + - $week_single_date ) { - if ( date_i18n( 'F', strtotime( $week_single_date ) ) != $split_month && date_i18n( 'F', strtotime( "+1 day", strtotime( $week_single_date ) ) ) == $split_month ) { - $previous_month = date_i18n( 'F', strtotime( $week_single_date ) ); - echo '' . esc_html( $previous_month ) . ''; - } else if ( date_i18n( 'F', strtotime( $week_single_date ) ) == $split_month && date_i18n( 'F', strtotime( "-1 day", strtotime( $week_single_date ) ) ) != $split_month ) { - echo '' . esc_html( $split_month ) . ''; - } else { - echo ''; + $week_single_date ) { + if ( date_i18n( 'F', strtotime( $week_single_date ) ) != $split_month && date_i18n( 'F', strtotime( '+1 day', strtotime( $week_single_date ) ) ) == $split_month ) { + $previous_month = date_i18n( 'F', strtotime( $week_single_date ) ); + echo '' . esc_html( $previous_month ) . ''; + } else if ( date_i18n( 'F', strtotime( $week_single_date ) ) == $split_month && date_i18n( 'F', strtotime( '-1 day', strtotime( $week_single_date ) ) ) != $split_month ) { + echo '' . esc_html( $split_month ) . ''; + } else { + echo ''; + } } - } ?> + ?> - $week_single_date ): ?> - name] = array(); - } - // These statuses aren't handled by custom statuses or post statuses - $week_posts_by_status['private'] = array(); - $week_posts_by_status['publish'] = array(); - $week_posts_by_status['future'] = array(); - foreach( $week_posts[$week_single_date] as $num => $post ) { - $week_posts_by_status[$post->post_status][$num] = $post; - } - unset( $week_posts[$week_single_date] ); - foreach( $week_posts_by_status as $status ) { - foreach( $status as $num => $post ) { - $week_posts[$week_single_date][] = $post; + $week_single_date ) : ?> + name ] = array(); + } + // These statuses aren't handled by custom statuses or post statuses + $week_posts_by_status['private'] = array(); + $week_posts_by_status['publish'] = array(); + $week_posts_by_status['future'] = array(); + foreach ( $week_posts[ $week_single_date ] as $num => $post ) { + $week_posts_by_status[ $post->post_status ][ $num ] = $post; + } + unset( $week_posts[ $week_single_date ] ); + foreach ( $week_posts_by_status as $status ) { + foreach ( $status as $num => $post ) { + $week_posts[ $week_single_date ][] = $post; + } } } - } - $td_classes = array( - 'day-unit', - ); - $day_name = date( 'D', strtotime( $week_single_date ) ); + $td_classes = array( + 'day-unit', + ); + $day_name = date( 'D', strtotime( $week_single_date ) ); - if ( in_array( $day_name, $dotw ) ) - $td_classes[] = 'weekend-day'; + if ( in_array( $day_name, $dotw ) ) { + $td_classes[] = 'weekend-day'; + } - if ( $week_single_date == date( 'Y-m-d', current_time( 'timestamp' ) ) ) - $td_classes[] = 'today'; + if ( date( 'Y-m-d', current_time( 'timestamp' ) ) == $week_single_date ) { + $td_classes[] = 'today'; + } - // Last day of the week - if ( $day_num == 6 ) - $td_classes[] = 'last-day'; + // Last day of the week + if ( 6 == $day_num ) { + $td_classes[] = 'last-day'; + } - $td_classes = apply_filters( 'ef_calendar_table_td_classes', $td_classes, $week_single_date ); - ?> + $td_classes = apply_filters( 'ef_calendar_table_td_classes', $td_classes, $week_single_date ); + ?> - +
- hidden ): ?> - hidden ) ); ?> + hidden ) : ?> + hidden ) ); ?> - create_post_cap ) ) : - $date_formatted = date( 'D, M jS, Y', strtotime( $week_single_date ) ); - ?> + create_post_cap ) ) : + $date_formatted = date( 'D, M jS, Y', strtotime( $week_single_date ) ); + ?>
@@ -862,12 +879,12 @@ function view_calendar() {
- - get_quick_create_post_type_name() ) ); ?> » + + get_quick_create_post_type_name() ) ); ?> »
 
- + @@ -879,64 +896,66 @@ function view_calendar() { + wp_nonce_field( 'ef-calendar-modify', 'ef-calendar-modify' ); + ?>
- current_user_can_modify_post( $post ) ) ? 'can_modify' : 'read_only'; - $cache_key = $post->ID . $can_modify . '_' . get_current_user_id(); - $cache_val = wp_cache_get( $cache_key, self::$post_li_html_cache_key ); - // Because $num is pertinent to the display of the post LI, need to make sure that's what's in cache - if ( is_array( $cache_val ) && $cache_val['num'] == $num ) { - $this->hidden = $cache_val['hidden']; - return $cache_val['post_li_html']; + ID; - $edit_post_link = get_edit_post_link( $post_id ); - $status_object = get_post_status_object( get_post_status( $post_id ) ); + /** + * Generates the HTML for a single post item in the calendar + * @param obj $post The WordPress post in question + * @param str $post_date The date of the post + * @param int $num The index of the post + * + * @return str HTML for a single post item + */ + public function generate_post_li_html( $post, $post_date, $num = 0 ) { + + $can_modify = ( $this->current_user_can_modify_post( $post ) ) ? 'can_modify' : 'read_only'; + $cache_key = $post->ID . $can_modify . '_' . get_current_user_id(); + $cache_val = wp_cache_get( $cache_key, self::$post_li_html_cache_key ); + // Because $num is pertinent to the display of the post LI, need to make sure that's what's in cache + if ( is_array( $cache_val ) && $cache_val['num'] == $num ) { + $this->hidden = $cache_val['hidden']; + return $cache_val['post_li_html']; + } - $post_classes = array( - 'day-item', - 'custom-status-' . $post->post_status, - ); - // Only allow the user to drag the post if they have permissions to - // or if it's in an approved post status - // This is checked on the ajax request too. - if ( $this->current_user_can_modify_post( $post ) && !in_array( $post->post_status, $this->published_statuses ) ) - $post_classes[] = 'sortable'; + ob_start(); + $post_id = $post->ID; + $edit_post_link = get_edit_post_link( $post_id ); + $status_object = get_post_status_object( get_post_status( $post_id ) ); - if ( in_array( $post->post_status, $this->published_statuses ) ) - $post_classes[] = 'is-published'; + $post_classes = array( + 'day-item', + 'custom-status-' . $post->post_status, + ); + // Only allow the user to drag the post if they have permissions to + // or if it's in an approved post status + // This is checked on the ajax request too. + if ( $this->current_user_can_modify_post( $post ) && ! in_array( $post->post_status, $this->published_statuses ) ) { + $post_classes[] = 'sortable'; + } - // Hide posts over a certain number to prevent clutter, unless user is only viewing 1 or 2 weeks - $max_visible_posts = apply_filters( 'ef_calendar_max_visible_posts_per_date', $this->max_visible_posts_per_date); + if ( in_array( $post->post_status, $this->published_statuses ) ) { + $post_classes[] = 'is-published'; + } - if ( $num >= $max_visible_posts && $this->total_weeks > 2 ) { - $post_classes[] = 'hidden'; - $this->hidden++; - } - $post_classes = apply_filters( 'ef_calendar_table_td_li_classes', $post_classes, $post_date, $post->ID ); + // Hide posts over a certain number to prevent clutter, unless user is only viewing 1 or 2 weeks + $max_visible_posts = apply_filters( 'ef_calendar_max_visible_posts_per_date', $this->max_visible_posts_per_date ); + + if ( $num >= $max_visible_posts && $this->total_weeks > 2 ) { + $post_classes[] = 'hidden'; + $this->hidden++; + } + $post_classes = apply_filters( 'ef_calendar_table_td_li_classes', $post_classes, $post_date, $post->ID ); - ?> + ?>
  • @@ -952,51 +971,51 @@ function generate_post_li_html( $post, $post_date, $num = 0 ){
  • - $num, - 'post_li_html' => $post_li_html, - 'hidden' => $this->hidden, + $post_li_cache = array( + 'num' => $num, + 'post_li_html' => $post_li_html, + 'hidden' => $this->hidden, ); - wp_cache_set( $cache_key, $post_li_cache, self::$post_li_html_cache_key ); - - return $post_li_html; - - } // generate_post_li_html() - - /** - * get_inner_information description - * Functionality for generating the inner html elements on the calendar - * has been separated out so various ajax functions can reload certain - * parts of an inner html element. - * @param array $ef_calendar_item_information_fields - * @param WP_Post $post - * @param array $published_statuses - * - * @since 0.8 - */ - function get_inner_information( $ef_calendar_item_information_fields, $post ) { - ?> + wp_cache_set( $cache_key, $post_li_cache, self::$post_li_html_cache_key ); + + return $post_li_html; + } // generate_post_li_html() + + /** + * get_inner_information description + * Functionality for generating the inner html elements on the calendar + * has been separated out so various ajax functions can reload certain + * parts of an inner html element. + * @param array $ef_calendar_item_information_fields + * @param WP_Post $post + * @param array $published_statuses + * + * @since 0.8 + */ + public function get_inner_information( $ef_calendar_item_information_fields, $post ) { + ?> - get_post_information_fields( $post ) as $field => $values ): ?> + get_post_information_fields( $post ) as $field => $values ) : ?> - - current_user_can_modify_post( $post ) ) : ?> - - + + current_user_can_modify_post( $post ) ) : ?> + + + - + - + - + @@ -1006,481 +1025,498 @@ function get_inner_information( $ef_calendar_item_information_fields, $post ) { post_type ); $item_actions = array(); - if ( $this->current_user_can_modify_post( $post ) ) { - // Edit this post - $item_actions['edit'] = '' . __( 'Edit', 'edit-flow' ) . ''; - // Trash this post - $item_actions['trash'] = '' . __( 'Trash', 'edit-flow' ) . ''; - // Preview/view this post - if ( !in_array( $post->post_status, $this->published_statuses ) ) { - $item_actions['view'] = '' . __( 'Preview', 'edit-flow' ) . ''; - } elseif ( 'trash' != $post->post_status ) { - $item_actions['view'] = '' . __( 'View', 'edit-flow' ) . ''; - } - //Save metadata - $item_actions['save hidden'] = '' . __( 'Save', 'edit-flow') . ''; + if ( $this->current_user_can_modify_post( $post ) ) { + // Edit this post + $item_actions['edit'] = '' . __( 'Edit', 'edit-flow' ) . ''; + // Trash this post + $item_actions['trash'] = '' . __( 'Trash', 'edit-flow' ) . ''; + // Preview/view this post + if ( ! in_array( $post->post_status, $this->published_statuses ) ) { + /* translators: %s: post title */ + $item_actions['view'] = '' . __( 'Preview', 'edit-flow' ) . ''; + } elseif ( 'trash' != $post->post_status ) { + /* translators: %s: post title */ + $item_actions['view'] = '' . __( 'View', 'edit-flow' ) . ''; } + //Save metadata + /* translators: %s: post title */ + $item_actions['save hidden'] = '' . __( 'Save', 'edit-flow' ) . ''; + } // Allow other plugins to add actions $item_actions = apply_filters( 'ef_calendar_item_actions', $item_actions, $post->ID ); - if ( count( $item_actions ) ) { - echo '
    '; - $html = ''; - foreach ( $item_actions as $class => $item_action ) { - $html .= '' . $item_action . ' | '; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped - } - echo rtrim( $html, '| ' ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped - echo '
    '; + if ( count( $item_actions ) ) { + echo '
    '; + $html = ''; + foreach ( $item_actions as $class => $item_action ) { + $html .= '' . $item_action . ' | '; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped } + echo rtrim( $html, '| ' ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped + echo '
    '; + } ?>
    - '; - break; - case 'paragraph': - return ''; - break; - case 'date': - return ''; - break; - case 'checkbox': - $output = ''; - - return $output; - break; - case 'user': - return wp_dropdown_users( array( 'echo' => false ) ); - break; - case 'taxonomy': - return ''; - break; - case 'taxonomy hierarchical': - return wp_dropdown_categories( array( 'echo' => 0, 'hide_empty' => 0 ) ); - break; + '; + break; + case 'paragraph': + return ''; + break; + case 'date': + return ''; + break; + case 'checkbox': + $output = ''; + + return $output; + break; + case 'user': + return wp_dropdown_users( array( 'echo' => false ) ); + break; + case 'taxonomy': + return ''; + break; + case 'taxonomy hierarchical': + return wp_dropdown_categories( array( + 'echo' => 0, + 'hide_empty' => 0, + ) ); + break; + } } - } - - /** - * Get the information fields to be presented with each post popup - * - * @since 0.8 - * - * @param obj $post Post to gather information fields for - * @return array $information_fields All of the information fields to be presented - */ - function get_post_information_fields( $post ) { - - $information_fields = array(); - // Post author - $information_fields['author'] = array( - 'label' => __( 'Author', 'edit-flow' ), - 'value' => get_the_author_meta( 'display_name', $post->post_author ), - 'type' => 'author', - ); - // If the calendar supports more than one post type, show the post type label - if ( count( $this->get_post_types_for_module( $this->module ) ) > 1 ) { - $information_fields['post_type'] = array( - 'label' => __( 'Post Type', 'edit-flow' ), - 'value' => get_post_type_object( $post->post_type )->labels->singular_name, + /** + * Get the information fields to be presented with each post popup + * + * @since 0.8 + * + * @param obj $post Post to gather information fields for + * @return array $information_fields All of the information fields to be presented + */ + public function get_post_information_fields( $post ) { + + $information_fields = array(); + // Post author + $information_fields['author'] = array( + 'label' => __( 'Author', 'edit-flow' ), + 'value' => get_the_author_meta( 'display_name', $post->post_author ), + 'type' => 'author', ); - } - // Publication time for published statuses - $published_statuses = array( - 'publish', - 'future', - 'private', - ); - if ( in_array( $post->post_status, $published_statuses ) ) { - if ( $post->post_status == 'future' ) { - $information_fields['post_date'] = array( - 'label' => __( 'Scheduled', 'edit-flow' ), - 'value' => get_the_time( null, $post->ID ), - ); - } else { - $information_fields['post_date'] = array( - 'label' => __( 'Published', 'edit-flow' ), - 'value' => get_the_time( null, $post->ID ), + + // If the calendar supports more than one post type, show the post type label + if ( count( $this->get_post_types_for_module( $this->module ) ) > 1 ) { + $information_fields['post_type'] = array( + 'label' => __( 'Post Type', 'edit-flow' ), + 'value' => get_post_type_object( $post->post_type )->labels->singular_name, ); } - } - // Taxonomies and their values - $args = array( - 'post_type' => $post->post_type, - ); - $taxonomies = get_object_taxonomies( $args, 'object' ); - foreach( (array)$taxonomies as $taxonomy ) { - // Sometimes taxonomies skip by, so let's make sure it has a label too - if ( !$taxonomy->public || !$taxonomy->label ) - continue; - - $terms = get_the_terms( $post->ID, $taxonomy->name ); - if ( ! $terms || is_wp_error( $terms ) ) - continue; - - $key = 'tax_' . $taxonomy->name; - if ( count( $terms ) ) { - $value = ''; - foreach( (array)$terms as $term ) { - $value .= $term->name . ', '; + // Publication time for published statuses + $published_statuses = array( + 'publish', + 'future', + 'private', + ); + if ( in_array( $post->post_status, $published_statuses ) ) { + if ( 'future' == $post->post_status ) { + $information_fields['post_date'] = array( + 'label' => __( 'Scheduled', 'edit-flow' ), + 'value' => get_the_time( null, $post->ID ), + ); + } else { + $information_fields['post_date'] = array( + 'label' => __( 'Published', 'edit-flow' ), + 'value' => get_the_time( null, $post->ID ), + ); } - $value = rtrim( $value, ', ' ); - } else { - $value = ''; - } - //Used when editing editorial metadata and post meta - if ( is_taxonomy_hierarchical( $taxonomy->name ) ) - $type = 'taxonomy hierarchical'; - else - $type = 'taxonomy'; - - $information_fields[$key] = array( - 'label' => $taxonomy->label, - 'value' => $value, - 'type' => $type, + } + // Taxonomies and their values + $args = array( + 'post_type' => $post->post_type, ); + $taxonomies = get_object_taxonomies( $args, 'object' ); + foreach ( (array) $taxonomies as $taxonomy ) { + // Sometimes taxonomies skip by, so let's make sure it has a label too + if ( ! $taxonomy->public || ! $taxonomy->label ) { + continue; + } - if( $post->post_type == 'page' ) - $ed_cap = 'edit_page'; - else - $ed_cap = 'edit_post'; + $terms = get_the_terms( $post->ID, $taxonomy->name ); + if ( ! $terms || is_wp_error( $terms ) ) { + continue; + } + + $key = 'tax_' . $taxonomy->name; + if ( count( $terms ) ) { + $value = ''; + foreach ( (array) $terms as $term ) { + $value .= $term->name . ', '; + } + $value = rtrim( $value, ', ' ); + } else { + $value = ''; + } + //Used when editing editorial metadata and post meta + if ( is_taxonomy_hierarchical( $taxonomy->name ) ) { + $type = 'taxonomy hierarchical'; + } else { + $type = 'taxonomy'; + } + + $information_fields[ $key ] = array( + 'label' => $taxonomy->label, + 'value' => $value, + 'type' => $type, + ); + + if ( 'page' == $post->post_type ) { + $ed_cap = 'edit_page'; + } else { + $ed_cap = 'edit_post'; + } + + if ( current_user_can( $ed_cap, $post->ID ) ) { + $information_fields[ $key ]['editable'] = true; + } + } - if( current_user_can( $ed_cap, $post->ID ) ) - $information_fields[$key]['editable'] = true; + $information_fields = apply_filters( 'ef_calendar_item_information_fields', $information_fields, $post->ID ); + foreach ( $information_fields as $field => $values ) { + // Allow filters to hide empty fields or to hide any given individual field. Hide empty fields by default. + if ( ( apply_filters( 'ef_calendar_hide_empty_item_information_fields', true, $post->ID ) && empty( $values['value'] ) ) + || apply_filters( "ef_calendar_hide_{$field}_item_information_field", false, $post->ID ) ) { + unset( $information_fields[ $field ] ); + } + } + return $information_fields; } - $information_fields = apply_filters( 'ef_calendar_item_information_fields', $information_fields, $post->ID ); - foreach( $information_fields as $field => $values ) { - // Allow filters to hide empty fields or to hide any given individual field. Hide empty fields by default. - if ( ( apply_filters( 'ef_calendar_hide_empty_item_information_fields', true, $post->ID ) && empty( $values['value'] ) ) - || apply_filters( "ef_calendar_hide_{$field}_item_information_field", false, $post->ID ) ) - unset( $information_fields[$field] ); + /** + * Generate the calendar header for a given range of dates + * + * @param array $dates Date range for the header + * @return string $html Generated HTML for the header + */ + public function get_time_period_header( $dates ) { + + $html = ''; + foreach ( $dates as $date ) { + $html .= ''; + } + + return $html; } - return $information_fields; - } - - /** - * Generate the calendar header for a given range of dates - * - * @param array $dates Date range for the header - * @return string $html Generated HTML for the header - */ - function get_time_period_header( $dates ) { - - $html = ''; - foreach( $dates as $date ) { - $html .= ''; + + /** + * Query to get all of the calendar posts for a given day + * + * @param array $args Any filter arguments we want to pass + * @param string $request_context Where the query is coming from, to distinguish dashboard and subscriptions + * @return array $posts All of the posts as an array sorted by date + */ + public function get_calendar_posts_for_week( $args = array(), $context = 'dashboard' ) { + + $supported_post_types = $this->get_post_types_for_module( $this->module ); + $defaults = array( + 'post_status' => null, + 'cat' => null, + 'author' => null, + 'post_type' => $supported_post_types, + 'posts_per_page' => 200, + ); + + $args = array_merge( $defaults, $args ); + + // Unpublished as a status is just an array of everything but 'publish'. + if ( 'unpublish' == $args['post_status'] ) { + $args['post_status'] = ''; + $post_stati = wp_filter_object_list( $this->get_calendar_post_stati(), array( 'name' => 'publish' ), 'not' ); + + if ( ! apply_filters( 'ef_show_scheduled_as_unpublished', false ) ) { + $post_stati = wp_filter_object_list( $post_stati, array( 'name' => 'future' ), 'not' ); + } + + $args['post_status'] .= implode( ',', wp_list_pluck( $post_stati, 'name' ) ); + } + // The WP functions for printing the category and author assign a value of 0 to the default + // options, but passing this to the query is bad (trashed and auto-draft posts appear!), so + // unset those arguments. + if ( '0' === $args['cat'] ) { + unset( $args['cat'] ); + } + if ( '0' === $args['author'] ) { + unset( $args['author'] ); + } + + if ( empty( $args['post_type'] ) || ! in_array( $args['post_type'], $supported_post_types ) ) { + $args['post_type'] = $supported_post_types; + } + + $beginning_date = $this->get_beginning_of_week( $this->start_date, 'Y-m-d', $this->current_week ); + $ending_date = date( 'Y-m-d', strtotime( $beginning_date ) + WEEK_IN_SECONDS ); + + $args['date_query'] = array( + 'after' => $beginning_date, + 'before' => $ending_date, + 'inclusive' => true, + ); + + // Filter for an end user to implement any of their own query args + $args = apply_filters( 'ef_calendar_posts_query_args', $args, $context ); + $post_results = new WP_Query( $args ); + + $posts = array(); + while ( $post_results->have_posts() ) { + $post_results->the_post(); + global $post; + $key_date = date( 'Y-m-d', strtotime( $post->post_date ) ); + $posts[ $key_date ][] = $post; + } + + return $posts; } - return $html; - - } - - /** - * Query to get all of the calendar posts for a given day - * - * @param array $args Any filter arguments we want to pass - * @param string $request_context Where the query is coming from, to distinguish dashboard and subscriptions - * @return array $posts All of the posts as an array sorted by date - */ - function get_calendar_posts_for_week( $args = array(), $context = 'dashboard' ) { - - $supported_post_types = $this->get_post_types_for_module( $this->module ); - $defaults = array( - 'post_status' => null, - 'cat' => null, - 'author' => null, - 'post_type' => $supported_post_types, - 'posts_per_page' => 200, - ); + /** + * Gets the link for the next time period + * + * @param string $direction 'previous' or 'next', direction to go in time + * @param array $filters Any filters that need to be applied + * @param int $weeks_offset Number of weeks we're offsetting the range + * @return string $url The URL for the next page + */ + public function get_pagination_link( $direction = 'next', $filters = array(), $weeks_offset = null ) { - $args = array_merge( $defaults, $args ); + $supported_post_types = $this->get_post_types_for_module( $this->module ); - // Unpublished as a status is just an array of everything but 'publish'. - if ( 'unpublish' == $args['post_status'] ) { - $args['post_status'] = ''; - $post_stati = wp_filter_object_list( $this->get_calendar_post_stati(), array( 'name' => 'publish' ), 'not' ); + if ( ! isset( $weeks_offset ) ) { + $weeks_offset = $this->total_weeks; + } else if ( 0 == $weeks_offset ) { + $filters['start_date'] = $this->get_beginning_of_week( date( 'Y-m-d', current_time( 'timestamp' ) ) ); + } - if ( ! apply_filters( 'ef_show_scheduled_as_unpublished', false ) ) { - $post_stati = wp_filter_object_list( $post_stati, array( 'name' => 'future' ), 'not' ); + if ( 'previous' == $direction ) { + $weeks_offset = '-' . $weeks_offset; } - $args['post_status'] .= implode( ',', wp_list_pluck( $post_stati, 'name' ) ); + $filters['start_date'] = date( 'Y-m-d', strtotime( $weeks_offset . ' weeks', strtotime( $filters['start_date'] ) ) ); + $url = add_query_arg( $filters, menu_page_url( $this->module->slug, false ) ); + + if ( count( $supported_post_types ) > 1 ) { + $url = add_query_arg( 'cpt', $filters['cpt'], $url ); + } + + return $url; } - // The WP functions for printing the category and author assign a value of 0 to the default - // options, but passing this to the query is bad (trashed and auto-draft posts appear!), so - // unset those arguments. - if ( $args['cat'] === '0' ) { - unset( $args['cat'] ); + + /** + * Given a day in string format, returns the day at the beginning of that week, which can be the given date. + * The beginning of the week is determined by the blog option, 'start_of_week'. + * + * @see http://www.php.net/manual/en/datetime.formats.date.php for valid date formats + * + * @param string $date String representing a date + * @param string $format Date format in which the beginning of the week should be returned + * @param int $week Number of weeks we're offsetting the range + * @return string $formatted_start_of_week Beginning of the week + */ + public function get_beginning_of_week( $date, $format = 'Y-m-d', $week = 1 ) { + + $date = strtotime( $date ); + $start_of_week = get_option( 'start_of_week' ); + $day_of_week = date( 'w', $date ); + $date += ( ( $start_of_week - $day_of_week - 7 ) % 7 ) * 60 * 60 * 24; + $date = strtotime( '+' . ( $week - 1 ) . ' week', $date ); + $formatted_start_of_week = date( $format, $date ); + return $formatted_start_of_week; } - if ( $args['author'] === '0' ) { - unset( $args['author'] ); + + /** + * Given a day in string format, returns the day at the end of that week, which can be the given date. + * The end of the week is determined by the blog option, 'start_of_week'. + * + * @see http://www.php.net/manual/en/datetime.formats.date.php for valid date formats + * + * @param string $date String representing a date + * @param string $format Date format in which the end of the week should be returned + * @param int $week Number of weeks we're offsetting the range + * @return string $formatted_end_of_week End of the week + */ + public function get_ending_of_week( $date, $format = 'Y-m-d', $week = 1 ) { + + $date = strtotime( $date ); + $end_of_week = get_option( 'start_of_week' ) - 1; + $day_of_week = date( 'w', $date ); + $date += ( ( $end_of_week - $day_of_week + 7 ) % 7 ) * 60 * 60 * 24; + $date = strtotime( '+' . ( $week - 1 ) . ' week', $date ); + $formatted_end_of_week = date( $format, $date ); + return $formatted_end_of_week; } - if ( empty( $args['post_type'] ) || ! in_array( $args['post_type'], $supported_post_types ) ) { - $args['post_type'] = $supported_post_types; + /** + * Human-readable time range for the calendar + * Shows something like "for October 30th through November 26th" for a four-week period + * + * @since 0.7 + */ + public function calendar_time_range() { + + $first_datetime = strtotime( $this->start_date ); + $first_date = date_i18n( get_option( 'date_format' ), $first_datetime ); + $total_days = ( $this->total_weeks * 7 ) - 1; + $last_datetime = strtotime( '+' . $total_days . ' days', date( 'U', strtotime( $this->start_date ) ) ); + $last_date = date_i18n( get_option( 'date_format' ), $last_datetime ); + // translators: %1$s = first date, %2$s = last date + echo esc_html( sprintf( __( 'for %1$s through %2$s', 'edit-flow' ), $first_date, $last_date ) ); } - $beginning_date = $this->get_beginning_of_week( $this->start_date, 'Y-m-d', $this->current_week ); - $ending_date = date( "Y-m-d", strtotime( $beginning_date ) + WEEK_IN_SECONDS ); + /** + * Check whether the current user should have the ability to modify the post + * + * @since 0.7 + * + * @param object $post The post object we're checking + * @return bool $can Whether or not the current user can modify the post + */ + public function current_user_can_modify_post( $post ) { - $args['date_query'] = array( - 'after' => $beginning_date, - 'before' => $ending_date, - 'inclusive' => true, - ); + if ( ! $post ) { + return false; + } - // Filter for an end user to implement any of their own query args - $args = apply_filters( 'ef_calendar_posts_query_args', $args, $context ); - $post_results = new WP_Query( $args ); + $post_type_object = get_post_type_object( $post->post_type ); - $posts = array(); - while ( $post_results->have_posts() ) { - $post_results->the_post(); - global $post; - $key_date = date( 'Y-m-d', strtotime( $post->post_date ) ); - $posts[$key_date][] = $post; - } + // Editors and admins are fine + if ( current_user_can( $post_type_object->cap->edit_others_posts, $post->ID ) ) { + return true; + } + // Authors and contributors can move their own stuff if it's not published + if ( current_user_can( $post_type_object->cap->edit_post, $post->ID ) && wp_get_current_user()->ID == $post->post_author && ! in_array( $post->post_status, $this->published_statuses ) ) { + return true; + } + // Those who can publish posts can move any of their own stuff + if ( current_user_can( $post_type_object->cap->publish_posts, $post->ID ) && wp_get_current_user()->ID == $post->post_author ) { + return true; + } - return $posts; - - } - - /** - * Gets the link for the next time period - * - * @param string $direction 'previous' or 'next', direction to go in time - * @param array $filters Any filters that need to be applied - * @param int $weeks_offset Number of weeks we're offsetting the range - * @return string $url The URL for the next page - */ - function get_pagination_link( $direction = 'next', $filters = array(), $weeks_offset = null ) { - - $supported_post_types = $this->get_post_types_for_module( $this->module ); - - if ( !isset( $weeks_offset ) ) - $weeks_offset = $this->total_weeks; - else if ( $weeks_offset == 0 ) - $filters['start_date'] = $this->get_beginning_of_week( date( 'Y-m-d', current_time( 'timestamp' ) ) ); - - if ( $direction == 'previous' ) - $weeks_offset = '-' . $weeks_offset; - - $filters['start_date'] = date( 'Y-m-d', strtotime( $weeks_offset . " weeks", strtotime( $filters['start_date'] ) ) ); - $url = add_query_arg( $filters, menu_page_url( $this->module->slug, false ) ); - - if ( count( $supported_post_types ) > 1 ) - $url = add_query_arg( 'cpt', $filters['cpt'] , $url ); - - return $url; - - } - - /** - * Given a day in string format, returns the day at the beginning of that week, which can be the given date. - * The beginning of the week is determined by the blog option, 'start_of_week'. - * - * @see http://www.php.net/manual/en/datetime.formats.date.php for valid date formats - * - * @param string $date String representing a date - * @param string $format Date format in which the beginning of the week should be returned - * @param int $week Number of weeks we're offsetting the range - * @return string $formatted_start_of_week Beginning of the week - */ - function get_beginning_of_week( $date, $format = 'Y-m-d', $week = 1 ) { - - $date = strtotime( $date ); - $start_of_week = get_option( 'start_of_week' ); - $day_of_week = date( 'w', $date ); - $date += (( $start_of_week - $day_of_week - 7 ) % 7) * 60 * 60 * 24 ; - $date = strtotime ( '+' . ( $week - 1 ) . ' week', $date ) ; - $formatted_start_of_week = date( $format, $date ); - return $formatted_start_of_week; - - } - - /** - * Given a day in string format, returns the day at the end of that week, which can be the given date. - * The end of the week is determined by the blog option, 'start_of_week'. - * - * @see http://www.php.net/manual/en/datetime.formats.date.php for valid date formats - * - * @param string $date String representing a date - * @param string $format Date format in which the end of the week should be returned - * @param int $week Number of weeks we're offsetting the range - * @return string $formatted_end_of_week End of the week - */ - function get_ending_of_week( $date, $format = 'Y-m-d', $week = 1 ) { - - $date = strtotime( $date ); - $end_of_week = get_option( 'start_of_week' ) - 1; - $day_of_week = date( 'w', $date ); - $date += (( $end_of_week - $day_of_week + 7 ) % 7) * 60 * 60 * 24; - $date = strtotime ( '+' . ( $week - 1 ) . ' week', $date ) ; - $formatted_end_of_week = date( $format, $date ); - return $formatted_end_of_week; - - } - - /** - * Human-readable time range for the calendar - * Shows something like "for October 30th through November 26th" for a four-week period - * - * @since 0.7 - */ - function calendar_time_range() { - - $first_datetime = strtotime( $this->start_date ); - $first_date = date_i18n( get_option( 'date_format' ), $first_datetime ); - $total_days = ( $this->total_weeks * 7 ) - 1; - $last_datetime = strtotime( "+" . $total_days . " days", date( 'U', strtotime( $this->start_date ) ) ); - $last_date = date_i18n( get_option( 'date_format' ), $last_datetime ); - echo esc_html( sprintf( __( 'for %1$s through %2$s', 'edit-flow' ), $first_date, $last_date ) ); - } - - /** - * Check whether the current user should have the ability to modify the post - * - * @since 0.7 - * - * @param object $post The post object we're checking - * @return bool $can Whether or not the current user can modify the post - */ - function current_user_can_modify_post( $post ) { - - if ( !$post ) return false; + } - $post_type_object = get_post_type_object( $post->post_type ); - - // Editors and admins are fine - if ( current_user_can( $post_type_object->cap->edit_others_posts, $post->ID ) ) - return true; - // Authors and contributors can move their own stuff if it's not published - if ( current_user_can( $post_type_object->cap->edit_post, $post->ID ) && wp_get_current_user()->ID == $post->post_author && !in_array( $post->post_status, $this->published_statuses ) ) - return true; - // Those who can publish posts can move any of their own stuff - if ( current_user_can( $post_type_object->cap->publish_posts, $post->ID ) && wp_get_current_user()->ID == $post->post_author ) - return true; - - return false; - } - - /** - * Register settings for notifications so we can partially use the Settings API - * We use the Settings API for form generation, but not saving because we have our - * own way of handling the data. - * - * @since 0.7 - */ - function register_settings() { + /** + * Register settings for notifications so we can partially use the Settings API + * We use the Settings API for form generation, but not saving because we have our + * own way of handling the data. + * + * @since 0.7 + */ + public function register_settings() { add_settings_section( $this->module->options_group_name . '_general', false, '__return_false', $this->module->options_group_name ); add_settings_field( 'post_types', __( 'Post types to show', 'edit-flow' ), array( $this, 'settings_post_types_option' ), $this->module->options_group_name, $this->module->options_group_name . '_general' ); add_settings_field( 'quick_create_post_type', __( 'Post type to create directly from calendar', 'edit-flow' ), array( $this, 'settings_quick_create_post_type_option' ), $this->module->options_group_name, $this->module->options_group_name . '_general' ); add_settings_field( 'ics_subscription', __( 'Subscription in iCal or Google Calendar', 'edit-flow' ), array( $this, 'settings_ics_subscription_option' ), $this->module->options_group_name, $this->module->options_group_name . '_general' ); + } - } - - /** - * Choose the post types that should be displayed on the calendar - * - * @since 0.7 - */ - function settings_post_types_option() { - global $edit_flow; - $edit_flow->settings->helper_option_custom_post_type( $this->module ); - } - - /** - * Choose the post type that should be created on the calendar - * - * @since 0.8 - */ - function settings_quick_create_post_type_option() { - - $allowed_post_types = $this->get_all_post_types(); - - echo ""; - - } - - /** - * Enable calendar subscriptions via .ics in iCal or Google Calendar - * - * @since 0.8 - */ - function settings_ics_subscription_option() { - $options = array( - 'off' => __( 'Disabled', 'edit-flow' ), - 'on' => __( 'Enabled', 'edit-flow' ), - ); - echo ''; + /** + * Choose the post type that should be created on the calendar + * + * @since 0.8 + */ + public function settings_quick_create_post_type_option() { - $regenerate_url = add_query_arg( 'action', 'ef_calendar_regenerate_calendar_feed_secret', admin_url( 'index.php' ) ); - $regenerate_url = wp_nonce_url( $regenerate_url, 'ef-regenerate-ics-key' ); - echo '   ' . esc_html_e( 'Regenerate calendar feed secret', 'edit-flow' ) . ''; + $allowed_post_types = $this->get_all_post_types(); - // If our secret key doesn't exist, create a new one - if ( empty( $this->module->options->ics_secret_key ) ) - EditFlow()->update_module_option( $this->module->name, 'ics_secret_key', wp_generate_password() ); - } + echo "'; + } + + /** + * Enable calendar subscriptions via .ics in iCal or Google Calendar + * + * @since 0.8 + */ + public function settings_ics_subscription_option() { + $options = array( + 'off' => __( 'Disabled', 'edit-flow' ), + 'on' => __( 'Enabled', 'edit-flow' ), + ); + echo ''; + + + $regenerate_url = add_query_arg( 'action', 'ef_calendar_regenerate_calendar_feed_secret', admin_url( 'index.php' ) ); + $regenerate_url = wp_nonce_url( $regenerate_url, 'ef-regenerate-ics-key' ); + echo '   ' . esc_html_e( 'Regenerate calendar feed secret', 'edit-flow' ) . ''; + + // If our secret key doesn't exist, create a new one + if ( empty( $this->module->options->ics_secret_key ) ) { + EditFlow()->update_module_option( $this->module->name, 'ics_secret_key', wp_generate_password() ); + } + } - /** - * Validate the data submitted by the user in calendar settings - * - * @since 0.7 - */ - function settings_validate( $new_options ) { + /** + * Validate the data submitted by the user in calendar settings + * + * @since 0.7 + */ + public function settings_validate( $new_options ) { - $options = (array)$this->module->options; + $options = (array) $this->module->options; - $options['post_types'] = $this->clean_post_type_options( $new_options['post_types'], $this->module->post_type_support ); + $options['post_types'] = $this->clean_post_type_options( $new_options['post_types'], $this->module->post_type_support ); - if ( in_array( $new_options['quick_create_post_type'], array_keys( $this->get_all_post_types() ) ) ) - $options['quick_create_post_type'] = $new_options['quick_create_post_type']; + if ( in_array( $new_options['quick_create_post_type'], array_keys( $this->get_all_post_types() ) ) ) { + $options['quick_create_post_type'] = $new_options['quick_create_post_type']; + } - if ( 'on' != $new_options['ics_subscription'] ) - $options['ics_subscription'] = 'off'; - else - $options['ics_subscription'] = 'on'; + if ( 'on' != $new_options['ics_subscription'] ) { + $options['ics_subscription'] = 'off'; + } else { + $options['ics_subscription'] = 'on'; + } - return $options; - } + return $options; + } - /** - * Settings page for calendar - */ - function print_configure_view() { - global $edit_flow; - ?> + /** + * Settings page for calendar + */ + public function print_configure_view() { + global $edit_flow; + ?> module->options_group_name ); ?> module->options_group_name ); ?> @@ -1489,380 +1525,392 @@ function print_configure_view() { ?>

    - print_ajax_response( 'error', $this->module->messages['nonce-failed'] ); + create_post_cap ) ) - $this->print_ajax_response( 'error', $this->module->messages['invalid-permissions'] ); + /** + * Ajax callback to insert a post placeholder for a particular date + * + * @since 0.8 + */ + public function handle_ajax_insert_post() { - if ( empty( $_POST['ef_insert_date'] ) ) { - $this->print_ajax_response( 'error', __( 'No date supplied.', 'edit-flow' ) ); - } + // Nonce check! + if ( ! isset( $_POST['nonce'] ) || ! wp_verify_nonce( $_POST['nonce'], 'ef-calendar-modify' ) ) { + $this->print_ajax_response( 'error', $this->module->messages['nonce-failed'] ); + } - // Post type has to be visible on the calendar to create a placeholder - if ( ! in_array( $this->module->options->quick_create_post_type, $this->get_post_types_for_module( $this->module ) ) ) - $this->print_ajax_response( 'error', __( 'Please change Quick Create to use a post type viewable on the calendar.', 'edit-flow' ) ); + // Check that the user has the right capabilities to add posts to the calendar (defaults to 'edit_posts') + if ( ! current_user_can( $this->create_post_cap ) ) { + $this->print_ajax_response( 'error', $this->module->messages['invalid-permissions'] ); + } - // Sanitize post values - $post_title = isset( $_POST['ef_insert_title'] ) ? sanitize_text_field( $_POST['ef_insert_title'] ) : null; + if ( empty( $_POST['ef_insert_date'] ) ) { + $this->print_ajax_response( 'error', __( 'No date supplied.', 'edit-flow' ) ); + } - if( ! $post_title ) { - $post_title = esc_html__( 'Untitled', 'edit-flow' ); - } + // Post type has to be visible on the calendar to create a placeholder + if ( ! in_array( $this->module->options->quick_create_post_type, $this->get_post_types_for_module( $this->module ) ) ) { + $this->print_ajax_response( 'error', __( 'Please change Quick Create to use a post type viewable on the calendar.', 'edit-flow' ) ); + } - $post_date = sanitize_text_field( $_POST['ef_insert_date'] ); + // Sanitize post values + $post_title = isset( $_POST['ef_insert_title'] ) ? sanitize_text_field( $_POST['ef_insert_title'] ) : null; - $post_status = $this->get_default_post_status(); + if ( ! $post_title ) { + $post_title = esc_html__( 'Untitled', 'edit-flow' ); + } - // Set new post parameters - $post_placeholder = array( - 'post_title' => $post_title, - 'post_status' => $post_status, - 'post_date' => date( 'Y-m-d H:i:s', strtotime( $post_date ) ), - 'post_type' => $this->module->options->quick_create_post_type, - ); + $post_date = sanitize_text_field( $_POST['ef_insert_date'] ); - // By default, adding a post to the calendar won't set the timestamp. - // If the user desires that to be the behavior, they can set the result of this filter to 'true' - // With how WordPress works internally, setting 'post_date_gmt' will set the timestamp - if ( apply_filters( 'ef_calendar_allow_ajax_to_set_timestamp', false ) ) - $post_placeholder['post_date_gmt'] = date( 'Y-m-d H:i:s', strtotime( $post_date ) ); + $post_status = $this->get_default_post_status(); - // Create the post - $post_id = wp_insert_post( $post_placeholder ); + // Set new post parameters + $post_placeholder = array( + 'post_title' => $post_title, + 'post_status' => $post_status, + 'post_date' => date( 'Y-m-d H:i:s', strtotime( $post_date ) ), + 'post_type' => $this->module->options->quick_create_post_type, + ); - if( $post_id ) { // success! + // By default, adding a post to the calendar won't set the timestamp. + // If the user desires that to be the behavior, they can set the result of this filter to 'true' + // With how WordPress works internally, setting 'post_date_gmt' will set the timestamp + if ( apply_filters( 'ef_calendar_allow_ajax_to_set_timestamp', false ) ) { + $post_placeholder['post_date_gmt'] = date( 'Y-m-d H:i:s', strtotime( $post_date ) ); + } - $post = get_post( $post_id ); + // Create the post + $post_id = wp_insert_post( $post_placeholder ); - // Generate the HTML for the post item so it can be injected - $post_li_html = $this->generate_post_li_html( $post, $post_date ); + if ( $post_id ) { // success! - // announce success and send back the html to inject - $this->print_ajax_response( 'success', $post_li_html ); + $post = get_post( $post_id ); - } else { - $this->print_ajax_response( 'error', __( 'Post could not be created', 'edit-flow' ) ); - } - } - - /** - * Returns the singular label for the posts that are - * quick-created on the calendar - * - * @return str Singular label for a post-type - */ - function get_quick_create_post_type_name(){ - - $post_type_slug = $this->module->options->quick_create_post_type; - $post_type_obj = get_post_type_object( $post_type_slug ); - - return $post_type_obj->labels->singular_name ? $post_type_obj->labels->singular_name : $post_type_slug; - } - - /** - * ajax_ef_calendar_update_metadata - * Update the metadata from the calendar. - * @return string representing the overlay - * - * @since 0.8 - */ - function handle_ajax_update_metadata() { - global $wpdb; - - if ( !isset( $_POST['nonce'] ) || ! wp_verify_nonce( $_POST['nonce'], 'ef-calendar-modify' ) ) { - $this->print_ajax_response( 'error', $this->module->messages['nonce-failed'] ); + // Generate the HTML for the post item so it can be injected + $post_li_html = $this->generate_post_li_html( $post, $post_date ); + + // announce success and send back the html to inject + $this->print_ajax_response( 'success', $post_li_html ); + + } else { + $this->print_ajax_response( 'error', __( 'Post could not be created', 'edit-flow' ) ); + } } - if ( !isset( $_POST['post_id'] ) ) { - $this->print_ajax_response( 'error', $this->module->messages['missing-post'] ); + /** + * Returns the singular label for the posts that are + * quick-created on the calendar + * + * @return str Singular label for a post-type + */ + public function get_quick_create_post_type_name() { + + $post_type_slug = $this->module->options->quick_create_post_type; + $post_type_obj = get_post_type_object( $post_type_slug ); + + return $post_type_obj->labels->singular_name ? $post_type_obj->labels->singular_name : $post_type_slug; } - // Check that we got a proper post - $post_id = ( int )$_POST['post_id']; - $post = get_post( $post_id ); + /** + * ajax_ef_calendar_update_metadata + * Update the metadata from the calendar. + * @return string representing the overlay + * + * @since 0.8 + */ + public function handle_ajax_update_metadata() { + global $wpdb; - if ( ! $post ) - $this->print_ajax_response( 'error', $this->module->messages['missing-post'] ); + if ( ! isset( $_POST['nonce'] ) || ! wp_verify_nonce( $_POST['nonce'], 'ef-calendar-modify' ) ) { + $this->print_ajax_response( 'error', $this->module->messages['nonce-failed'] ); + } + if ( ! isset( $_POST['post_id'] ) ) { + $this->print_ajax_response( 'error', $this->module->messages['missing-post'] ); + } - if( $post->post_type == 'page' ) - $edit_check = 'edit_page'; - else - $edit_check = 'edit_post'; + // Check that we got a proper post + $post_id = (int) $_POST['post_id']; + $post = get_post( $post_id ); - if ( !current_user_can( $edit_check, $post->ID ) ) - $this->print_ajax_response( 'error', $this->module->messages['invalid-permissions'] ); + if ( ! $post ) { + $this->print_ajax_response( 'error', $this->module->messages['missing-post'] ); + } - // Check that the user can modify the post - if ( ! $this->current_user_can_modify_post( $post ) ) - $this->print_ajax_response( 'error', $this->module->messages['invalid-permissions'] ); - $default_types = array( - 'author', - 'taxonomy', - ); + if ( 'page' == $post->post_type ) { + $edit_check = 'edit_page'; + } else { + $edit_check = 'edit_post'; + } - $metadata_types = array(); + if ( ! current_user_can( $edit_check, $post->ID ) ) { + $this->print_ajax_response( 'error', $this->module->messages['invalid-permissions'] ); + } - if ( !$this->module_enabled( 'editorial_metadata' ) ) - $this->print_ajax_response( 'error', $this->module->messages['update-error'] ); + // Check that the user can modify the post + if ( ! $this->current_user_can_modify_post( $post ) ) { + $this->print_ajax_response( 'error', $this->module->messages['invalid-permissions'] ); + } - $metadata_types = array_keys( EditFlow()->editorial_metadata->get_supported_metadata_types() ); + $default_types = array( + 'author', + 'taxonomy', + ); - // Update an editorial metadata field - $metadata_term = isset( $_POST['metadata_term'] ) ? $_POST['metadata_term'] : ''; - $metadata_type = isset( $_POST['metadata_type'] ) ? $_POST['metadata_type'] : ''; - $incoming_metadata_value = isset( $_POST['metadata_value'] ) ? $_POST['metadata_value'] : ''; + $metadata_types = array(); - if ( isset( $_POST['metadata_type'] ) && in_array( $_POST['metadata_type'], $metadata_types ) ) { - $post_meta_key = sanitize_text_field( '_ef_editorial_meta_' . $_POST['metadata_type'] . '_' . $metadata_term ); + if ( ! $this->module_enabled( 'editorial_metadata' ) ) { + $this->print_ajax_response( 'error', $this->module->messages['update-error'] ); + } - //Javascript date parsing is terrible, so use strtotime in php - if ( $metadata_type == 'date' ) - $metadata_value = strtotime( sanitize_text_field( $incoming_metadata_value ) ); - else - $metadata_value = sanitize_text_field( $incoming_metadata_value ); + $metadata_types = array_keys( EditFlow()->editorial_metadata->get_supported_metadata_types() ); - update_post_meta( $post->ID, $post_meta_key, $metadata_value ); - $response = 'success'; - } else { - switch( $_POST['metadata_type'] ) { - case 'taxonomy': - case 'taxonomy hierarchical': - $response = wp_set_post_terms( $post->ID, $incoming_metadata_value, $metadata_term ); - break; - default: - $response = new WP_Error( 'invalid-type', __( 'Invalid metadata type', 'edit-flow' ) ); - break; + // Update an editorial metadata field + $metadata_term = isset( $_POST['metadata_term'] ) ? $_POST['metadata_term'] : ''; + $metadata_type = isset( $_POST['metadata_type'] ) ? $_POST['metadata_type'] : ''; + $incoming_metadata_value = isset( $_POST['metadata_value'] ) ? $_POST['metadata_value'] : ''; + + if ( isset( $_POST['metadata_type'] ) && in_array( $_POST['metadata_type'], $metadata_types ) ) { + $post_meta_key = sanitize_text_field( '_ef_editorial_meta_' . $_POST['metadata_type'] . '_' . $metadata_term ); + + //Javascript date parsing is terrible, so use strtotime in php + if ( 'date' == $metadata_type ) { + $metadata_value = strtotime( sanitize_text_field( $incoming_metadata_value ) ); + } else { + $metadata_value = sanitize_text_field( $incoming_metadata_value ); + } + + update_post_meta( $post->ID, $post_meta_key, $metadata_value ); + $response = 'success'; + } else { + switch ( $_POST['metadata_type'] ) { + case 'taxonomy': + case 'taxonomy hierarchical': + $response = wp_set_post_terms( $post->ID, $incoming_metadata_value, $metadata_term ); + break; + default: + $response = new WP_Error( 'invalid-type', __( 'Invalid metadata type', 'edit-flow' ) ); + break; + } + } + + //Assuming we've got to this point, just regurgitate the value + if ( ! is_wp_error( $response ) ) { + $this->print_ajax_response( 'success', $incoming_metadata_value ); + } else { + $this->print_ajax_response( 'error', __( 'Metadata could not be updated.', 'edit-flow' ) ); } } - //Assuming we've got to this point, just regurgitate the value - if ( ! is_wp_error( $response ) ) - $this->print_ajax_response( 'success', $incoming_metadata_value ); - else - $this->print_ajax_response( 'error', __( 'Metadata could not be updated.', 'edit-flow' ) ); - } - - function calendar_filters() { - $select_filter_names = array(); - - $select_filter_names['post_status'] = 'post_status'; - $select_filter_names['cat'] = 'cat'; - $select_filter_names['author'] = 'author'; - $select_filter_names['type'] = 'cpt'; - $select_filter_name['num_weeks'] = 'num_weeks'; - - return apply_filters( 'ef_calendar_filter_names', $select_filter_names ); - } - - /** - * Sanitize a $_GET or similar filter being used on the calendar - * - * @since 0.8 - * - * @param string $key Filter being sanitized - * @param string $dirty_value Value to be sanitized - * @return string $sanitized_value Safe to use value - */ - function sanitize_filter( $key, $dirty_value ) { - - switch( $key ) { - case 'post_status': - // Whitelist-based validation for this parameter - $valid_statuses = wp_list_pluck( $this->get_calendar_post_stati(), 'name' ); - $valid_statuses[] = 'unpublish'; - - if ( in_array( $dirty_value, $valid_statuses ) ) - return $dirty_value; - else - return ''; - break; - case 'cpt': - $cpt = sanitize_key( $dirty_value ); - $supported_post_types = $this->get_post_types_for_module( $this->module ); - if ( $cpt && in_array( $cpt, $supported_post_types ) ) - return $cpt; - else - return ''; - break; - case 'start_date': - return date( 'Y-m-d', strtotime( $dirty_value ) ); + public function calendar_filters() { + $select_filter_names = array(); + + $select_filter_names['post_status'] = 'post_status'; + $select_filter_names['cat'] = 'cat'; + $select_filter_names['author'] = 'author'; + $select_filter_names['type'] = 'cpt'; + $select_filter_name['num_weeks'] = 'num_weeks'; + + return apply_filters( 'ef_calendar_filter_names', $select_filter_names ); + } + + /** + * Sanitize a $_GET or similar filter being used on the calendar + * + * @since 0.8 + * + * @param string $key Filter being sanitized + * @param string $dirty_value Value to be sanitized + * @return string $sanitized_value Safe to use value + */ + public function sanitize_filter( $key, $dirty_value ) { + + switch ( $key ) { + case 'post_status': + // Whitelist-based validation for this parameter + $valid_statuses = wp_list_pluck( $this->get_calendar_post_stati(), 'name' ); + $valid_statuses[] = 'unpublish'; + + if ( in_array( $dirty_value, $valid_statuses ) ) { + return $dirty_value; + } else { + return ''; + } + break; + case 'cpt': + $cpt = sanitize_key( $dirty_value ); + $supported_post_types = $this->get_post_types_for_module( $this->module ); + if ( $cpt && in_array( $cpt, $supported_post_types ) ) { + return $cpt; + } else { + return ''; + } + break; + case 'start_date': + return date( 'Y-m-d', strtotime( $dirty_value ) ); break; - case 'cat': - case 'author': - return intval( $dirty_value ); + case 'cat': + case 'author': + return intval( $dirty_value ); break; - case 'num_weeks': - $num_weeks = intval( $dirty_value ); - if ( $num_weeks <= 0 ) { - return $this->total_weeks; - } else if ( $num_weeks > $this->max_weeks ) { - return $this->max_weeks; - } else { - return $num_weeks; - } - default: - return false; + case 'num_weeks': + $num_weeks = intval( $dirty_value ); + if ( $num_weeks <= 0 ) { + return $this->total_weeks; + } else if ( $num_weeks > $this->max_weeks ) { + return $this->max_weeks; + } else { + return $num_weeks; + } + default: + return false; break; + } + } + + /** + * When a post is updated, clean the
  • html post cache for it + */ + public function action_clean_li_html_cache( $post_id ) { + + wp_cache_delete( $post_id . 'can_modify', self::$post_li_html_cache_key ); + wp_cache_delete( $post_id . 'read_only', self::$post_li_html_cache_key ); } - } - - /** - * When a post is updated, clean the
  • html post cache for it - */ - public function action_clean_li_html_cache( $post_id ) { - - wp_cache_delete( $post_id . 'can_modify', self::$post_li_html_cache_key ); - wp_cache_delete( $post_id . 'read_only', self::$post_li_html_cache_key ); - } - - /** - * This is a hack! hack! hack! until core is fixed - * - * The calendar uses 'post_date' field to store the position on the calendar - * If a post has a core post status assigned (e.g. 'draft' or 'pending'), the `post_date` - * field will be reset when `wp_update_post()` - * is used: http://core.trac.wordpress.org/browser/tags/3.7.1/src/wp-includes/post.php#L2998 - * - * This method temporarily caches the `post_date` field if it needs to be restored. - * - * @uses fix_post_date_on_update_part_two() - */ - public function fix_post_date_on_update_part_one( $post_ID, $data ) { - - $post = get_post( $post_ID ); - - // `post_date` is only nooped for these three statuses, - // but don't try to persist if `post_date_gmt` is set - if ( ! in_array( $post->post_status, array( 'draft', 'pending', 'auto-draft' ) ) + + /** + * This is a hack! hack! hack! until core is fixed + * + * The calendar uses 'post_date' field to store the position on the calendar + * If a post has a core post status assigned (e.g. 'draft' or 'pending'), the `post_date` + * field will be reset when `wp_update_post()` + * is used: http://core.trac.wordpress.org/browser/tags/3.7.1/src/wp-includes/post.php#L2998 + * + * This method temporarily caches the `post_date` field if it needs to be restored. + * + * @uses fix_post_date_on_update_part_two() + */ + public function fix_post_date_on_update_part_one( $post_ID, $data ) { + + $post = get_post( $post_ID ); + + // `post_date` is only nooped for these three statuses, + // but don't try to persist if `post_date_gmt` is set + if ( ! in_array( $post->post_status, array( 'draft', 'pending', 'auto-draft' ) ) || '0000-00-00 00:00:00' !== $post->post_date_gmt - || '0000-00-00 00:00:00' !== $data['post_date_gmt'] ) - return; - - $this->post_date_cache[ $post_ID ] = $post->post_date; - - } - - /** - * This is a hack! hack! hack! until core is fixed - * - * The calendar uses 'post_date' field to store the position on the calendar - * If a post has a core post status assigned (e.g. 'draft' or 'pending'), the `post_date` - * field will be reset when `wp_update_post()` - * is used: http://core.trac.wordpress.org/browser/tags/3.7.1/src/wp-includes/post.php#L2998 - * - * This method restores the `post_date` field if it needs to be restored. - * - * @uses fix_post_date_on_update_part_one() - */ - public function fix_post_date_on_update_part_two( $post_ID, $post_after, $post_before ) { - global $wpdb; - - if ( empty( $this->post_date_cache[ $post_ID ] ) ) - return; - - $post_date = $this->post_date_cache[ $post_ID ]; - unset( $this->post_date_cache[ $post_ID ] ); - $wpdb->update( $wpdb->posts, array( 'post_date' => $post_date ), array( 'ID' => $post_ID ) ); - clean_post_cache( $post_ID ); - } - - /** - * Returns a list of custom status objects used by the calendar - * - * @return array An array of StdClass objects representing statuses - */ - public function get_calendar_post_stati() { - $post_stati = get_post_stati( array(), 'object' ); - $custom_status_slugs = wp_list_pluck( $this->get_post_statuses(), 'slug' ); - $custom_status_slugs[] = 'future'; - $custom_status_slugs[] = 'publish'; - - $custom_status_slug_keys = array_flip( $custom_status_slugs ); - - $final_statuses = []; - - foreach( $post_stati as $status ) { - if ( !empty( $custom_status_slug_keys[ $status->name ] ) ) { - $final_statuses[] = $status; + || '0000-00-00 00:00:00' !== $data['post_date_gmt'] ) { + return; } + + $this->post_date_cache[ $post_ID ] = $post->post_date; } - return apply_filters( 'ef_calendar_post_stati', $final_statuses ); - } + /** + * This is a hack! hack! hack! until core is fixed + * + * The calendar uses 'post_date' field to store the position on the calendar + * If a post has a core post status assigned (e.g. 'draft' or 'pending'), the `post_date` + * field will be reset when `wp_update_post()` + * is used: http://core.trac.wordpress.org/browser/tags/3.7.1/src/wp-includes/post.php#L2998 + * + * This method restores the `post_date` field if it needs to be restored. + * + * @uses fix_post_date_on_update_part_one() + */ + public function fix_post_date_on_update_part_two( $post_ID, $post_after, $post_before ) { + global $wpdb; - public function get_calendar_users() { - $users_args = array( - 'orderby' => 'display_name', - 'order' => 'ASC', - 'blog_id' => get_current_blog_id() - ); + if ( empty( $this->post_date_cache[ $post_ID ] ) ) { + return; + } - $users_args = apply_filters( 'ef_calendar_dropdown_users_args', $users_args ); + $post_date = $this->post_date_cache[ $post_ID ]; + unset( $this->post_date_cache[ $post_ID ] ); + $wpdb->update( $wpdb->posts, array( 'post_date' => $post_date ), array( 'ID' => $post_ID ) ); + clean_post_cache( $post_ID ); + } - return get_users( $users_args ); - } + /** + * Returns a list of custom status objects used by the calendar + * + * @return array An array of StdClass objects representing statuses + */ + public function get_calendar_post_stati() { + $post_stati = get_post_stati( array(), 'object' ); + $custom_status_slugs = wp_list_pluck( $this->get_post_statuses(), 'slug' ); + $custom_status_slugs[] = 'future'; + $custom_status_slugs[] = 'publish'; - public function get_calendar_categories() { - $categories_args = array( - 'orderby' => 'id', - 'order' => 'ASC', - 'hide_empty' => 0, - 'hierarchical' => 0, - 'taxonomy' => 'category' - ); + $custom_status_slug_keys = array_flip( $custom_status_slugs ); - return get_terms( $categories_args ); - } + $final_statuses = []; - public function get_calendar_frontend_config() { - global $wp_version; + foreach ( $post_stati as $status ) { + if ( ! empty( $custom_status_slug_keys[ $status->name ] ) ) { + $final_statuses[] = $status; + } + } - $all_post_types = get_post_types( null, 'objects' ); + return apply_filters( 'ef_calendar_post_stati', $final_statuses ); + } - $config = array( - 'POST_STATI' => $this->get_calendar_post_stati(), - 'USERS' => array_map( - function( $item ) { - return array( - 'id' => $item->ID, - 'display_name' => $item->display_name, - ); - }, - $this->get_calendar_users() - ), - 'CATEGORIES' => $this->get_calendar_categories(), - 'POST_TYPES' => array_map( function ( $item ) use ( $all_post_types ) { - return $all_post_types[ $item ]; - }, $this->get_post_types_for_module( $this->module ) ), - 'NUM_WEEKS' => array( - 'MAX' => $this->max_weeks, - 'DEFAULT' => $this->total_weeks, - ), - 'BEGINNING_OF_WEEK' => $this->get_beginning_of_week( date( 'Y-m-d', current_time( 'timestamp' ) ) ), - 'FILTERS' => $this->get_filters(), - 'PAGE_URL' => menu_page_url( $this->module->slug, false ), - 'WP_VERSION' => $wp_version - ); + public function get_calendar_users() { + $users_args = array( + 'orderby' => 'display_name', + 'order' => 'ASC', + 'blog_id' => get_current_blog_id(), + ); - return apply_filters( 'ef_calendar_frontend_config', $config ); - } + $users_args = apply_filters( 'ef_calendar_dropdown_users_args', $users_args ); -} // EF_Calendar + return get_users( $users_args ); + } + + public function get_calendar_categories() { + $categories_args = array( + 'orderby' => 'id', + 'order' => 'ASC', + 'hide_empty' => 0, + 'hierarchical' => 0, + 'taxonomy' => 'category', + ); + + return get_terms( $categories_args ); + } + + public function get_calendar_frontend_config() { + global $wp_version; + + $all_post_types = get_post_types( null, 'objects' ); + + $config = array( + 'POST_STATI' => $this->get_calendar_post_stati(), + 'USERS' => array_map( + function ( $item ) { + return array( + 'id' => $item->ID, + 'display_name' => $item->display_name, + ); + }, + $this->get_calendar_users() + ), + 'CATEGORIES' => $this->get_calendar_categories(), + 'POST_TYPES' => array_map( function ( $item ) use ( $all_post_types ) { + return $all_post_types[ $item ]; + }, $this->get_post_types_for_module( $this->module ) ), + 'NUM_WEEKS' => array( + 'MAX' => $this->max_weeks, + 'DEFAULT' => $this->total_weeks, + ), + 'BEGINNING_OF_WEEK' => $this->get_beginning_of_week( date( 'Y-m-d', current_time( 'timestamp' ) ) ), + 'FILTERS' => $this->get_filters(), + 'PAGE_URL' => menu_page_url( $this->module->slug, false ), + 'WP_VERSION' => $wp_version, + ); + + return apply_filters( 'ef_calendar_frontend_config', $config ); + } + } // EF_Calendar } // class_exists('EF_Calendar') diff --git a/modules/custom-status/custom-status.php b/modules/custom-status/custom-status.php index df701d7a4..f8ec5739f 100644 --- a/modules/custom-status/custom-status.php +++ b/modules/custom-status/custom-status.php @@ -9,332 +9,337 @@ * - Ensure all of the form processing uses our messages functionality */ +if ( ! class_exists( 'EF_Custom_Status' ) ) { - if ( !class_exists( 'EF_Custom_Status' ) ) { + class EF_Custom_Status extends EF_Module { -class EF_Custom_Status extends EF_Module { + public $module; - var $module; + private $custom_statuses_cache = array(); - private $custom_statuses_cache = array(); + // This is taxonomy name used to store all our custom statuses + // phpcs:ignore Generic.NamingConventions.UpperCaseConstantName.ClassConstantNotUpperCase + const taxonomy_key = 'post_status'; - // This is taxonomy name used to store all our custom statuses - const taxonomy_key = 'post_status'; + /** + * Register the module with Edit Flow but don't do anything else + */ + public function __construct() { - /** - * Register the module with Edit Flow but don't do anything else - */ - function __construct() { - - $this->module_url = $this->get_module_url( __FILE__ ); - // Register the module with Edit Flow - $args = array( - 'title' => __( 'Custom Statuses', 'edit-flow' ), - 'short_description' => __( 'Create custom post statuses to define the stages of your workflow.', 'edit-flow' ), - 'extended_description' => __( 'Create your own post statuses to add structure your publishing workflow. You can change existing or add new ones anytime, and drag and drop to change their order.', 'edit-flow' ), - 'module_url' => $this->module_url, - 'img_url' => $this->module_url . 'lib/custom_status_s128.png', - 'slug' => 'custom-status', - 'default_options' => array( - 'enabled' => 'on', - 'default_status' => 'pitch', - 'always_show_dropdown' => 'off', - 'post_types' => array( - 'post' => 'on', - 'page' => 'on', + $this->module_url = $this->get_module_url( __FILE__ ); + // Register the module with Edit Flow + $args = array( + 'title' => __( 'Custom Statuses', 'edit-flow' ), + 'short_description' => __( 'Create custom post statuses to define the stages of your workflow.', 'edit-flow' ), + 'extended_description' => __( 'Create your own post statuses to add structure your publishing workflow. You can change existing or add new ones anytime, and drag and drop to change their order.', 'edit-flow' ), + 'module_url' => $this->module_url, + 'img_url' => $this->module_url . 'lib/custom_status_s128.png', + 'slug' => 'custom-status', + 'default_options' => array( + 'enabled' => 'on', + 'default_status' => 'pitch', + 'always_show_dropdown' => 'off', + 'post_types' => array( + 'post' => 'on', + 'page' => 'on', + ), ), - ), - 'post_type_support' => 'ef_custom_statuses', // This has been plural in all of our docs - 'configure_page_cb' => 'print_configure_view', - 'configure_link_text' => __( 'Edit Statuses', 'edit-flow' ), - 'messages' => array( - 'status-added' => __( 'Post status created.', 'edit-flow' ), - 'status-missing' => __( "Post status doesn't exist.", 'edit-flow' ), - 'default-status-changed' => __( 'Default post status has been changed.', 'edit-flow'), - 'term-updated' => __( "Post status updated.", 'edit-flow' ), - 'status-deleted' => __( 'Post status deleted.', 'edit-flow' ), - 'status-position-updated' => __( "Status order updated.", 'edit-flow' ), - ), - 'autoload' => false, - 'settings_help_tab' => array( - 'id' => 'ef-custom-status-overview', - 'title' => __('Overview', 'edit-flow'), - 'content' => __('

    Edit Flow’s custom statuses allow you to define the most important stages of your editorial workflow. Out of the box, WordPress only offers “Draft” and “Pending Review” as post states. With custom statuses, you can create your own post states like “In Progress”, “Pitch”, or “Waiting for Edit” and keep or delete the originals. You can also drag and drop statuses to set the best order for your workflow.

    Custom statuses are fully integrated into the rest of Edit Flow and the WordPress admin. On the calendar and story budget, you can filter your view to see only posts of a specific post state. Furthermore, email notifications can be sent to a specific group of users when a post changes state.

    ', 'edit-flow'), + 'post_type_support' => 'ef_custom_statuses', // This has been plural in all of our docs + 'configure_page_cb' => 'print_configure_view', + 'configure_link_text' => __( 'Edit Statuses', 'edit-flow' ), + 'messages' => array( + 'status-added' => __( 'Post status created.', 'edit-flow' ), + 'status-missing' => __( "Post status doesn't exist.", 'edit-flow' ), + 'default-status-changed' => __( 'Default post status has been changed.', 'edit-flow' ), + 'term-updated' => __( 'Post status updated.', 'edit-flow' ), + 'status-deleted' => __( 'Post status deleted.', 'edit-flow' ), + 'status-position-updated' => __( 'Status order updated.', 'edit-flow' ), ), - 'settings_help_sidebar' => __( '

    For more information:

    Custom Status Documentation

    Edit Flow Forum

    Edit Flow on Github

    ', 'edit-flow' ), - ); - $this->module = EditFlow()->register_module( 'custom_status', $args ); - } + 'autoload' => false, + 'settings_help_tab' => array( + 'id' => 'ef-custom-status-overview', + 'title' => __( 'Overview', 'edit-flow' ), + 'content' => __( '

    Edit Flow’s custom statuses allow you to define the most important stages of your editorial workflow. Out of the box, WordPress only offers “Draft” and “Pending Review” as post states. With custom statuses, you can create your own post states like “In Progress”, “Pitch”, or “Waiting for Edit” and keep or delete the originals. You can also drag and drop statuses to set the best order for your workflow.

    Custom statuses are fully integrated into the rest of Edit Flow and the WordPress admin. On the calendar and story budget, you can filter your view to see only posts of a specific post state. Furthermore, email notifications can be sent to a specific group of users when a post changes state.

    ', 'edit-flow' ), + ), + 'settings_help_sidebar' => __( '

    For more information:

    Custom Status Documentation

    Edit Flow Forum

    Edit Flow on Github

    ', 'edit-flow' ), + ); + $this->module = EditFlow()->register_module( 'custom_status', $args ); + } - /** - * Initialize the EF_Custom_Status class if the module is active - */ - function init() { - global $edit_flow; + /** + * Initialize the EF_Custom_Status class if the module is active + */ + public function init() { + global $edit_flow; - // Register custom statuses as a taxonomy - $this->register_custom_statuses(); + // Register custom statuses as a taxonomy + $this->register_custom_statuses(); - // Register our settings - add_action( 'admin_init', array( $this, 'register_settings' ) ); + // Register our settings + add_action( 'admin_init', array( $this, 'register_settings' ) ); - if ( ! $this->disable_custom_statuses_for_post_type() ) { - // Load CSS and JS resources that we probably need in the admin page - add_action( 'admin_enqueue_scripts', array( $this, 'action_admin_enqueue_scripts' ) ); + if ( ! $this->disable_custom_statuses_for_post_type() ) { + // Load CSS and JS resources that we probably need in the admin page + add_action( 'admin_enqueue_scripts', array( $this, 'action_admin_enqueue_scripts' ) ); - // Assets for block editor UI. - add_action( 'enqueue_block_editor_assets', array( $this, 'load_scripts_for_block_editor') ); + // Assets for block editor UI. + add_action( 'enqueue_block_editor_assets', array( $this, 'load_scripts_for_block_editor' ) ); - // Assets for iframed block editor and editor UI. - add_action( 'enqueue_block_editor_assets', array( $this, 'load_styles_for_block_editor') ); - } + // Assets for iframed block editor and editor UI. + add_action( 'enqueue_block_editor_assets', array( $this, 'load_styles_for_block_editor' ) ); + } - add_action( 'admin_notices', array( $this, 'no_js_notice' ) ); - add_action( 'admin_print_scripts', array( $this, 'post_admin_header' ) ); - - // Add custom statuses to the post states. - add_filter( 'display_post_states', array( $this, 'add_status_to_post_states' ), 10, 2 ); - - // Methods for handling the actions of creating, making default, and deleting post stati - add_action( 'admin_init', array( $this, 'handle_add_custom_status' ) ); - add_action( 'admin_init', array( $this, 'handle_edit_custom_status' ) ); - add_action( 'admin_init', array( $this, 'handle_make_default_custom_status' ) ); - add_action( 'admin_init', array( $this, 'handle_delete_custom_status' ) ); - add_action( 'wp_ajax_update_status_positions', array( $this, 'handle_ajax_update_status_positions' ) ); - add_action( 'wp_ajax_inline_save_status', array( $this, 'ajax_inline_save_status' ) ); - - // These seven-ish methods are hacks for fixing bugs in WordPress core - add_action( 'admin_init', array( $this, 'check_timestamp_on_publish' ) ); - add_filter( 'wp_insert_post_data', array( $this, 'fix_custom_status_timestamp' ), 10, 2 ); - add_filter( 'wp_insert_post_data', array( $this, 'maybe_keep_post_name_empty' ), 10, 2 ); - add_filter( 'pre_wp_unique_post_slug', array( $this, 'fix_unique_post_slug' ), 10, 6 ); - add_filter( 'preview_post_link', array( $this, 'fix_preview_link_part_one' ) ); - add_filter( 'post_link', array( $this, 'fix_preview_link_part_two' ), 10, 3 ); - add_filter( 'page_link', array( $this, 'fix_preview_link_part_two' ), 10, 3 ); - add_filter( 'post_type_link', array( $this, 'fix_preview_link_part_two' ), 10, 3 ); - add_filter( 'preview_post_link', array( $this, 'fix_preview_link_part_three' ), 11, 2 ); - add_filter( 'get_sample_permalink', array( $this, 'fix_get_sample_permalink' ), 10, 5 ); - add_filter( 'get_sample_permalink_html', array( $this, 'fix_get_sample_permalink_html' ), 10, 5); - add_filter( 'post_row_actions', array( $this, 'fix_post_row_actions' ), 10, 2 ); - add_filter( 'page_row_actions', array( $this, 'fix_post_row_actions' ), 10, 2 ); - - // Pagination for custom post statuses when previewing posts - add_filter( 'wp_link_pages_link', array( $this, 'modify_preview_link_pagination_url' ), 10, 2 ); - } + add_action( 'admin_notices', array( $this, 'no_js_notice' ) ); + add_action( 'admin_print_scripts', array( $this, 'post_admin_header' ) ); + + // Add custom statuses to the post states. + add_filter( 'display_post_states', array( $this, 'add_status_to_post_states' ), 10, 2 ); + + // Methods for handling the actions of creating, making default, and deleting post stati + add_action( 'admin_init', array( $this, 'handle_add_custom_status' ) ); + add_action( 'admin_init', array( $this, 'handle_edit_custom_status' ) ); + add_action( 'admin_init', array( $this, 'handle_make_default_custom_status' ) ); + add_action( 'admin_init', array( $this, 'handle_delete_custom_status' ) ); + add_action( 'wp_ajax_update_status_positions', array( $this, 'handle_ajax_update_status_positions' ) ); + add_action( 'wp_ajax_inline_save_status', array( $this, 'ajax_inline_save_status' ) ); + + // These seven-ish methods are hacks for fixing bugs in WordPress core + add_action( 'admin_init', array( $this, 'check_timestamp_on_publish' ) ); + add_filter( 'wp_insert_post_data', array( $this, 'fix_custom_status_timestamp' ), 10, 2 ); + add_filter( 'wp_insert_post_data', array( $this, 'maybe_keep_post_name_empty' ), 10, 2 ); + add_filter( 'pre_wp_unique_post_slug', array( $this, 'fix_unique_post_slug' ), 10, 6 ); + add_filter( 'preview_post_link', array( $this, 'fix_preview_link_part_one' ) ); + add_filter( 'post_link', array( $this, 'fix_preview_link_part_two' ), 10, 3 ); + add_filter( 'page_link', array( $this, 'fix_preview_link_part_two' ), 10, 3 ); + add_filter( 'post_type_link', array( $this, 'fix_preview_link_part_two' ), 10, 3 ); + add_filter( 'preview_post_link', array( $this, 'fix_preview_link_part_three' ), 11, 2 ); + add_filter( 'get_sample_permalink', array( $this, 'fix_get_sample_permalink' ), 10, 5 ); + add_filter( 'get_sample_permalink_html', array( $this, 'fix_get_sample_permalink_html' ), 10, 5 ); + add_filter( 'post_row_actions', array( $this, 'fix_post_row_actions' ), 10, 2 ); + add_filter( 'page_row_actions', array( $this, 'fix_post_row_actions' ), 10, 2 ); + + // Pagination for custom post statuses when previewing posts + add_filter( 'wp_link_pages_link', array( $this, 'modify_preview_link_pagination_url' ), 10, 2 ); + } - /** - * Create the default set of custom statuses the first time the module is loaded - * - * @since 0.7 - */ - function install() { - - $default_terms = array( - array( - 'term' => __( 'Pitch', 'edit-flow' ), - 'args' => array( - 'slug' => 'pitch', - 'description' => __( 'Idea proposed; waiting for acceptance.', 'edit-flow' ), - 'position' => 1, + /** + * Create the default set of custom statuses the first time the module is loaded + * + * @since 0.7 + */ + public function install() { + + $default_terms = array( + array( + 'term' => __( 'Pitch', 'edit-flow' ), + 'args' => array( + 'slug' => 'pitch', + 'description' => __( 'Idea proposed; waiting for acceptance.', 'edit-flow' ), + 'position' => 1, + ), ), - ), - array( - 'term' => __( 'Assigned', 'edit-flow' ), - 'args' => array( - 'slug' => 'assigned', - 'description' => __( 'Post idea assigned to writer.', 'edit-flow' ), - 'position' => 2, + array( + 'term' => __( 'Assigned', 'edit-flow' ), + 'args' => array( + 'slug' => 'assigned', + 'description' => __( 'Post idea assigned to writer.', 'edit-flow' ), + 'position' => 2, + ), ), - ), - array( - 'term' => __( 'In Progress', 'edit-flow' ), - 'args' => array( - 'slug' => 'in-progress', - 'description' => __( 'Writer is working on the post.', 'edit-flow' ), - 'position' => 3, + array( + 'term' => __( 'In Progress', 'edit-flow' ), + 'args' => array( + 'slug' => 'in-progress', + 'description' => __( 'Writer is working on the post.', 'edit-flow' ), + 'position' => 3, + ), ), - ), - array( - 'term' => __( 'Draft', 'edit-flow' ), - 'args' => array( - 'slug' => 'draft', - 'description' => __( 'Post is a draft; not ready for review or publication.', 'edit-flow' ), - 'position' => 4, + array( + 'term' => __( 'Draft', 'edit-flow' ), + 'args' => array( + 'slug' => 'draft', + 'description' => __( 'Post is a draft; not ready for review or publication.', 'edit-flow' ), + 'position' => 4, + ), ), - ), - array( - 'term' => __( 'Pending Review' ), - 'args' => array( - 'slug' => 'pending', - 'description' => __( 'Post needs to be reviewed by an editor.', 'edit-flow' ), - 'position' => 5, + array( + 'term' => __( 'Pending Review' ), + 'args' => array( + 'slug' => 'pending', + 'description' => __( 'Post needs to be reviewed by an editor.', 'edit-flow' ), + 'position' => 5, + ), ), - ), - ); + ); - // Okay, now add the default statuses to the db if they don't already exist - foreach( $default_terms as $term ) { - if( !term_exists( $term['term'], self::taxonomy_key ) ) - $this->add_custom_status( $term['term'], $term['args'] ); + // Okay, now add the default statuses to the db if they don't already exist + foreach ( $default_terms as $term ) { + if ( ! term_exists( $term['term'], self::taxonomy_key ) ) { + $this->add_custom_status( $term['term'], $term['args'] ); + } + } } - } - - /** - * Upgrade our data in case we need to - * - * @since 0.7 - */ - function upgrade( $previous_version ) { - global $edit_flow; + /** + * Upgrade our data in case we need to + * + * @since 0.7 + */ + public function upgrade( $previous_version ) { + global $edit_flow; + + // Upgrade path to v0.7 + if ( version_compare( $previous_version, '0.7', '<' ) ) { + // Migrate dropdown visibility option + $dropdown_visible = get_option( 'edit_flow_status_dropdown_visible' ); + if ( $dropdown_visible ) { + $dropdown_visible = 'on'; + } else { + $dropdown_visible = 'off'; + } + $edit_flow->update_module_option( $this->module->name, 'always_show_dropdown', $dropdown_visible ); + delete_option( 'edit_flow_status_dropdown_visible' ); + // Migrate default status option + $default_status = get_option( 'edit_flow_custom_status_default_status' ); + if ( $default_status ) { + $edit_flow->update_module_option( $this->module->name, 'default_status', $default_status ); + } + delete_option( 'edit_flow_custom_status_default_status' ); - // Upgrade path to v0.7 - if ( version_compare( $previous_version, '0.7' , '<' ) ) { - // Migrate dropdown visibility option - if ( $dropdown_visible = get_option( 'edit_flow_status_dropdown_visible' ) ) - $dropdown_visible = 'on'; - else - $dropdown_visible = 'off'; - $edit_flow->update_module_option( $this->module->name, 'always_show_dropdown', $dropdown_visible ); - delete_option( 'edit_flow_status_dropdown_visible' ); - // Migrate default status option - if ( $default_status = get_option( 'edit_flow_custom_status_default_status' ) ) - $edit_flow->update_module_option( $this->module->name, 'default_status', $default_status ); - delete_option( 'edit_flow_custom_status_default_status' ); - - // Technically we've run this code before so we don't want to auto-install new data - $edit_flow->update_module_option( $this->module->name, 'loaded_once', true ); - } - // Upgrade path to v0.7.4 - if ( version_compare( $previous_version, '0.7.4', '<' ) ) { - // Custom status descriptions become base64_encoded, instead of maybe json_encoded. - $this->upgrade_074_term_descriptions( self::taxonomy_key ); + // Technically we've run this code before so we don't want to auto-install new data + $edit_flow->update_module_option( $this->module->name, 'loaded_once', true ); + } + // Upgrade path to v0.7.4 + if ( version_compare( $previous_version, '0.7.4', '<' ) ) { + // Custom status descriptions become base64_encoded, instead of maybe json_encoded. + $this->upgrade_074_term_descriptions( self::taxonomy_key ); + } } - } + /** + * Makes the call to register_post_status to register the user's custom statuses. + * Also unregisters draft and pending, in case the user doesn't want them. + */ + public function register_custom_statuses() { + global $wp_post_statuses; - /** - * Makes the call to register_post_status to register the user's custom statuses. - * Also unregisters draft and pending, in case the user doesn't want them. - */ - function register_custom_statuses() { - global $wp_post_statuses; - - if ( $this->disable_custom_statuses_for_post_type() ) - return; - - // Register new taxonomy so that we can store all our fancy new custom statuses (or is it stati?) - if ( !taxonomy_exists( self::taxonomy_key ) ) { - $args = array( 'hierarchical' => false, - 'update_count_callback' => '_update_post_term_count', - 'label' => false, - 'query_var' => false, - 'rewrite' => false, - 'show_ui' => false - ); - register_taxonomy( self::taxonomy_key, 'post', $args ); - } + if ( $this->disable_custom_statuses_for_post_type() ) { + return; + } + + // Register new taxonomy so that we can store all our fancy new custom statuses (or is it stati?) + if ( ! taxonomy_exists( self::taxonomy_key ) ) { + $args = array( + 'hierarchical' => false, + 'update_count_callback' => '_update_post_term_count', + 'label' => false, + 'query_var' => false, + 'rewrite' => false, + 'show_ui' => false, + ); + register_taxonomy( self::taxonomy_key, 'post', $args ); + } - if ( function_exists( 'register_post_status' ) ) { - // Users can delete draft and pending statuses if they want, so let's get rid of them - // They'll get re-added if the user hasn't "deleted" them - unset( $wp_post_statuses[ 'draft' ] ); - unset( $wp_post_statuses[ 'pending' ] ); + if ( function_exists( 'register_post_status' ) ) { + // Users can delete draft and pending statuses if they want, so let's get rid of them + // They'll get re-added if the user hasn't "deleted" them + unset( $wp_post_statuses['draft'] ); + unset( $wp_post_statuses['pending'] ); - $custom_statuses = $this->get_custom_statuses(); + $custom_statuses = $this->get_custom_statuses(); - // Unfortunately, register_post_status() doesn't accept a - // post type argument, so we have to register the post - // statuses for all post types. This results in - // all post statuses for a post type appearing at the top - // of manage posts if there is a post with the status - foreach ( $custom_statuses as $status ) { - register_post_status( $status->slug, array( - 'label' => $status->name - , 'protected' => true - , '_builtin' => false - , 'label_count' => _n_noop( "{$status->name} (%s)", "{$status->name} (%s)" ) - ) ); + // Unfortunately, register_post_status() doesn't accept a + // post type argument, so we have to register the post + // statuses for all post types. This results in + // all post statuses for a post type appearing at the top + // of manage posts if there is a post with the status + foreach ( $custom_statuses as $status ) { + register_post_status( $status->slug, array( + 'label' => $status->name, + 'protected' => true, + '_builtin' => false, + 'label_count' => _n_noop( "{$status->name} (%s)", "{$status->name} (%s)" ), + ) ); + } } } - } - /** - * Whether custom post statuses should be disabled for this post type. - * Used to stop custom statuses from being registered for post types that don't support them. - * - * @since 0.7.5 - * - * @return bool - */ - function disable_custom_statuses_for_post_type( $post_type = null ) { - global $pagenow; - - // Only allow deregistering on 'edit.php' and 'post.php' - if ( ! in_array( $pagenow, array( 'edit.php', 'post.php', 'post-new.php' ) ) ) - return false; + /** + * Whether custom post statuses should be disabled for this post type. + * Used to stop custom statuses from being registered for post types that don't support them. + * + * @since 0.7.5 + * + * @return bool + */ + public function disable_custom_statuses_for_post_type( $post_type = null ) { + global $pagenow; - if ( is_null( $post_type ) ) { - $post_type = $this->get_current_post_type(); - } + // Only allow deregistering on 'edit.php' and 'post.php' + if ( ! in_array( $pagenow, array( 'edit.php', 'post.php', 'post-new.php' ) ) ) { + return false; + } - if ( $post_type && ! in_array( $post_type, $this->get_post_types_for_module( $this->module ) ) ) { - return true; - } + if ( is_null( $post_type ) ) { + $post_type = $this->get_current_post_type(); + } - return false; - } + if ( $post_type && ! in_array( $post_type, $this->get_post_types_for_module( $this->module ) ) ) { + return true; + } - /** - * Enqueue Javascript resources that we need in the admin: - * - Primary use of Javascript is to manipulate the post status dropdown on Edit Post and Manage Posts - * - jQuery Sortable plugin is used for drag and dropping custom statuses - * - We have other custom code for Quick Edit and JS niceties - */ - function action_admin_enqueue_scripts() { - // Load Javascript we need to use on the configuration views (jQuery Sortable and Quick Edit) - if ( $this->is_whitelisted_settings_view( $this->module->name ) ) { - wp_enqueue_script( 'jquery-ui-sortable' ); - wp_enqueue_script( 'edit-flow-custom-status-configure', $this->module_url . 'lib/custom-status-configure.js', array( 'jquery', 'jquery-ui-sortable', 'edit-flow-settings-js' ), EDIT_FLOW_VERSION, true ); + return false; } - // Custom javascript to modify the post status dropdown where it shows up - if ( $this->is_whitelisted_page() ) { - wp_enqueue_script( 'edit_flow-custom_status', $this->module_url . 'lib/custom-status.js', array( 'jquery','post' ), EDIT_FLOW_VERSION, true ); - wp_localize_script('edit_flow-custom_status', '__ef_localize_custom_status', array( - 'no_change' => esc_html__( "— No Change —", 'edit-flow' ), - 'published' => esc_html__( 'Published', 'edit-flow' ), - 'save_as' => esc_html__( 'Save as', 'edit-flow' ), - 'save' => esc_html__( 'Save', 'edit-flow' ), - 'edit' => esc_html__( 'Edit', 'edit-flow' ), - 'ok' => esc_html__( 'OK', 'edit-flow' ), - 'cancel' => esc_html__( 'Cancel', 'edit-flow' ), - )); - } + /** + * Enqueue Javascript resources that we need in the admin: + * - Primary use of Javascript is to manipulate the post status dropdown on Edit Post and Manage Posts + * - jQuery Sortable plugin is used for drag and dropping custom statuses + * - We have other custom code for Quick Edit and JS niceties + */ + public function action_admin_enqueue_scripts() { + // Load Javascript we need to use on the configuration views (jQuery Sortable and Quick Edit) + if ( $this->is_whitelisted_settings_view( $this->module->name ) ) { + wp_enqueue_script( 'jquery-ui-sortable' ); + wp_enqueue_script( 'edit-flow-custom-status-configure', $this->module_url . 'lib/custom-status-configure.js', array( 'jquery', 'jquery-ui-sortable', 'edit-flow-settings-js' ), EDIT_FLOW_VERSION, true ); + } - } + // Custom javascript to modify the post status dropdown where it shows up + if ( $this->is_whitelisted_page() ) { + wp_enqueue_script( 'edit_flow-custom_status', $this->module_url . 'lib/custom-status.js', array( 'jquery', 'post' ), EDIT_FLOW_VERSION, true ); + wp_localize_script('edit_flow-custom_status', '__ef_localize_custom_status', array( + 'no_change' => esc_html__( '— No Change —', 'edit-flow' ), + 'published' => esc_html__( 'Published', 'edit-flow' ), + 'save_as' => esc_html__( 'Save as', 'edit-flow' ), + 'save' => esc_html__( 'Save', 'edit-flow' ), + 'edit' => esc_html__( 'Edit', 'edit-flow' ), + 'ok' => esc_html__( 'OK', 'edit-flow' ), + 'cancel' => esc_html__( 'Cancel', 'edit-flow' ), + )); + } + } - function load_scripts_for_block_editor(){ - global $post; + public function load_scripts_for_block_editor() { + global $post; - wp_enqueue_script( 'edit-flow-block-custom-status-script', EDIT_FLOW_URL . 'dist/custom-status.build.js', array( 'wp-blocks', 'wp-element', 'wp-edit-post', 'wp-plugins', 'wp-components' ), EDIT_FLOW_VERSION ); + wp_enqueue_script( 'edit-flow-block-custom-status-script', EDIT_FLOW_URL . 'dist/custom-status.build.js', array( 'wp-blocks', 'wp-element', 'wp-edit-post', 'wp-plugins', 'wp-components' ), EDIT_FLOW_VERSION ); - $custom_statuses = apply_filters( 'ef_custom_status_list', $this->get_custom_statuses(), $post ); + $custom_statuses = apply_filters( 'ef_custom_status_list', $this->get_custom_statuses(), $post ); - wp_localize_script( 'edit-flow-block-custom-status-script', 'EditFlowCustomStatuses', array_values( $custom_statuses ) ); - } + wp_localize_script( 'edit-flow-block-custom-status-script', 'EditFlowCustomStatuses', array_values( $custom_statuses ) ); + } - function load_styles_for_block_editor(){ - wp_enqueue_style( 'edit-flow-block-custom-status-styles', EDIT_FLOW_URL . 'dist/custom-status.editor.build.css', false, EDIT_FLOW_VERSION ); - } + public function load_styles_for_block_editor() { + wp_enqueue_style( 'edit-flow-block-custom-status-styles', EDIT_FLOW_URL . 'dist/custom-status.editor.build.css', false, EDIT_FLOW_VERSION ); + } - /** - * Displays a notice to users if they have JS disabled - * Javascript is needed for custom statuses to be fully functional - */ - function no_js_notice() { - if( $this->is_whitelisted_page() ) : - ?> + /** + * Displays a notice to users if they have JS disabled + * Javascript is needed for custom statuses to be fully functional + */ + public function no_js_notice() { + if ( $this->is_whitelisted_page() ) : + ?> @@ -355,9 +361,9 @@ function story_budget() { * * @since 0.7 */ - function story_budget_time_range() { + public function story_budget_time_range() { ?> -
    + user_filters['start_date'] ) ) ); ?> @@ -382,7 +388,7 @@ function story_budget_time_range() { * @param object $term The term we're getting posts for * @return array $term_posts An array of post objects for the term */ - function get_posts_for_term( $term, $args = null ) { + public function get_posts_for_term( $term, $args = null ) { $defaults = array( 'post_status' => null, @@ -395,7 +401,7 @@ function get_posts_for_term( $term, $args = null ) { $arg_terms = array( $term->term_id, ); - $arg_terms = array_merge( $arg_terms, get_term_children( $term->term_id, $this->taxonomy_used ) ) ; + $arg_terms = array_merge( $arg_terms, get_term_children( $term->term_id, $this->taxonomy_used ) ); $args['tax_query'] = array( array( 'taxonomy' => $this->taxonomy_used, @@ -418,15 +424,17 @@ function get_posts_for_term( $term, $args = null ) { } // Filter by post_author if it's set - if ( $args['author'] === '0' ) unset( $args['author'] ); + if ( '0' === $args['author'] ) { + unset( $args['author'] ); + } $beginning_date = strtotime( $this->user_filters['start_date'] ); $days_to_show = $this->user_filters['number_days']; $ending_date = $beginning_date + ( $days_to_show * DAY_IN_SECONDS ); $args['date_query'] = array( - 'after' => date( "Y-m-d", $beginning_date ), - 'before' => date( "Y-m-d", $ending_date ), + 'after' => date( 'Y-m-d', $beginning_date ), + 'before' => date( 'Y-m-d', $ending_date ), 'inclusive' => true, ); @@ -451,23 +459,29 @@ function get_posts_for_term( $term, $args = null ) { * * @param object $term The term to print. */ - function print_term( $term ) { + public function print_term( $term ) { global $wpdb; $posts = $this->get_posts_for_term( $term, $this->user_filters ); - if ( !empty( $posts ) ) + if ( ! empty( $posts ) ) { // Don't display the message for $no_matching_posts $this->no_matching_posts = false; + } - ?> -
    + ?> +

    name ); ?>

    - +
  • :
    '; + $html .= esc_html( date_i18n( 'l', strtotime( $date ) ) ); + $html .= ''; - $html .= esc_html( date_i18n('l', strtotime( $date ) ) ); - $html .= '
    - term_columns as $key => $name ): ?> + term_columns as $key => $name ) : ?> @@ -475,17 +489,18 @@ function print_term( $term ) { print_post( $post, $term ); + foreach ( $posts as $post ) { + $this->print_post( $post, $term ); + } ?>
    - +

    - - term_columns as $key => $name ) { + term_columns as $key => $name ) { echo ''; if ( method_exists( $this, 'term_column_' . $key ) ) { $method = 'term_column_' . $key; - echo $this->$method( $post, $parent_term ); + echo wp_kses_post( $this->$method( $post, $parent_term ) ); } else { - echo $this->term_column_default( $post, $key, $parent_term ); + echo wp_kses_post( $this->term_column_default( $post, $key, $parent_term ) ); } echo ''; - } ?> + } + ?> post_status ); return $status_name->label; @@ -545,12 +563,12 @@ function term_column_default( $post, $column_name, $parent_term ) { return $output; break; case 'post_modified': + // translators: %s is a human-readable time difference return sprintf( esc_html__( '%s ago', 'edit-flow' ), human_time_diff( get_the_time( 'U', $post->ID ), current_time( 'timestamp' ) ) ); break; default: break; } - } /** @@ -558,29 +576,35 @@ function term_column_default( $post, $column_name, $parent_term ) { * * @since 0.7 */ - function term_column_title( $post, $parent_term ) { + public function term_column_title( $post, $parent_term ) { $post_title = _draft_or_post_title( $post->ID ); $post_type_object = get_post_type_object( $post->post_type ); $can_edit_post = current_user_can( $post_type_object->cap->edit_post, $post->ID ); - if ( $can_edit_post ) + if ( $can_edit_post ) { $output = '' . esc_html( $post_title ) . ''; - else + } else { $output = '' . esc_html( $post_title ) . ''; + } // Edit or Trash or View $output .= '
    '; $item_actions = array(); - if ( $can_edit_post ) + if ( $can_edit_post ) { $item_actions['edit'] = '' . __( 'Edit', 'edit-flow' ) . ''; - if ( EMPTY_TRASH_DAYS > 0 && current_user_can( $post_type_object->cap->delete_post, $post->ID ) ) + } + if ( EMPTY_TRASH_DAYS > 0 && current_user_can( $post_type_object->cap->delete_post, $post->ID ) ) { $item_actions['trash'] = '' . __( 'Trash', 'edit-flow' ) . ''; + } // Display a View or a Preview link depending on whether the post has been published or not - if ( in_array( $post->post_status, array( 'publish' ) ) ) + if ( in_array( $post->post_status, array( 'publish' ) ) ) { + // translators: %s is the post title $item_actions['view'] = '' . __( 'View', 'edit-flow' ) . ''; - else if ( $can_edit_post ) + } else if ( $can_edit_post ) { + // translators: %s is the post title $item_actions['previewpost'] = '' . __( 'Preview', 'edit-flow' ) . ''; + } $item_actions = apply_filters( 'ef_story_budget_item_actions', $item_actions, $post->ID ); if ( count( $item_actions ) ) { @@ -599,26 +623,28 @@ function term_column_title( $post, $parent_term ) { /** * Print any messages that should appear based on the action performed */ - function print_messages() { - ?> + public function print_messages() { + ?> -

    '; // Following mostly stolen from edit.php if ( isset( $_GET['trashed'] ) && (int) $_GET['trashed'] ) { - printf( _n( 'Item moved to the trash.', '%d items moved to the trash.', $_GET['trashed'] ), number_format_i18n( $_GET['trashed'] ) ); - $ids = isset($_GET['ids']) ? $_GET['ids'] : 0; - echo ' ' . __( 'Undo', 'edit-flow' ) . '
    '; - unset($_GET['trashed']); + // translators: %d is the number of posts trashed + printf( esc_html( _n( 'Item moved to the trash.', '%d items moved to the trash.', $_GET['trashed'] ), number_format_i18n( $_GET['trashed'] ) ) ); + $ids = isset( $_GET['ids'] ) ? $_GET['ids'] : 0; + echo ' ' . esc_html__( 'Undo', 'edit-flow' ) . '
    '; + unset( $_GET['trashed'] ); } - if ( isset($_GET['untrashed'] ) && (int) $_GET['untrashed'] ) { - printf( _n( 'Item restored from the Trash.', '%d items restored from the Trash.', $_GET['untrashed'] ), number_format_i18n( $_GET['untrashed'] ) ); - unset($_GET['undeleted']); + if ( isset( $_GET['untrashed'] ) && (int) $_GET['untrashed'] ) { + // translators: %d is the number of posts restored from the trash + printf( esc_html( _n( 'Item restored from the Trash.', '%d items restored from the Trash.', $_GET['untrashed'] ), number_format_i18n( $_GET['untrashed'] ) ) ); + unset( $_GET['undeleted'] ); } echo '

    '; @@ -628,16 +654,16 @@ function print_messages() { /** * Print the table navigation and filter controls, using the current user's filters if any are set. */ - function table_navigation() { - ?> + public function table_navigation() { + ?>
    story_budget_filters() as $select_id => $select_name ) { - echo $this->story_budget_filter_options( $select_id, $select_name, $this->user_filters ); - } + foreach ( $this->story_budget_filters() as $select_id => $select_name ) { + echo wp_kses_post( $this->story_budget_filter_options( $select_id, $select_name, $this->user_filters ) ); + } ?> @@ -647,8 +673,8 @@ function table_navigation() { story_budget_filters() as $select_id => $select_name ) { - echo ''; + foreach ( $this->story_budget_filters() as $select_id => $select_name ) { + echo ''; } ?> @@ -661,23 +687,23 @@ function table_navigation() {
    - $this->filter_get_param( 'post_status' ), - 'cat' => $this->filter_get_param( 'cat' ), - 'author' => $this->filter_get_param( 'author' ), - 'start_date' => $this->filter_get_param( 'start_date' ), - 'number_days' => $this->filter_get_param( 'number_days' ) + 'post_status' => $this->filter_get_param( 'post_status' ), + 'cat' => $this->filter_get_param( 'cat' ), + 'author' => $this->filter_get_param( 'author' ), + 'start_date' => $this->filter_get_param( 'start_date' ), + 'number_days' => $this->filter_get_param( 'number_days' ), ); $current_user_filters = array(); @@ -685,18 +711,20 @@ function update_user_filters() { // If any of the $_GET vars are missing, then use the current user filter foreach ( $user_filters as $key => $value ) { - if ( is_null( $value ) && !empty( $current_user_filters[$key] ) ) { - $user_filters[$key] = $current_user_filters[$key]; + if ( is_null( $value ) && ! empty( $current_user_filters[ $key ] ) ) { + $user_filters[ $key ] = $current_user_filters[ $key ]; } } - if ( !$user_filters['start_date'] ) + if ( ! $user_filters['start_date'] ) { $user_filters['start_date'] = date( 'Y-m-d' ); + } - if ( !$user_filters['number_days'] ) + if ( ! $user_filters['number_days'] ) { $user_filters['number_days'] = 10; + } - $user_filters = apply_filters('ef_story_budget_filter_values', $user_filters, $current_user_filters); + $user_filters = apply_filters( 'ef_story_budget_filter_values', $user_filters, $current_user_filters ); $this->update_user_meta( $current_user->ID, self::usermeta_key_prefix . 'filters', $user_filters ); return $user_filters; @@ -708,15 +736,16 @@ function update_user_filters() { * * @return array The filters for the current user, or the default filters if the current user has none. */ - function get_user_filters() { + public function get_user_filters() { $current_user = wp_get_current_user(); $user_filters = array(); $user_filters = $this->get_user_meta( $current_user->ID, self::usermeta_key_prefix . 'filters', true ); // If usermeta didn't have filters already, insert defaults into DB - if ( empty( $user_filters ) ) + if ( empty( $user_filters ) ) { $user_filters = $this->update_user_filters(); + } return $user_filters; } @@ -724,72 +753,72 @@ function get_user_filters() { * * @param string $param The parameter to look for in $_GET * @return null if the parameter is not set in $_GET, empty string if the parameter is empty in $_GET, - * or a sanitized version of the parameter from $_GET if set and not empty + * or a sanitized version of the parameter from $_GET if set and not empty */ - function filter_get_param( $param ) { + public function filter_get_param( $param ) { // Sure, this could be done in one line. But we're cooler than that: let's make it more readable! - if ( !isset( $_GET[$param] ) ) { + if ( ! isset( $_GET[ $param ] ) ) { return null; - } else if ( empty( $_GET[$param] ) ) { + } else if ( empty( $_GET[ $param ] ) ) { return ''; } - return sanitize_key( $_GET[$param] ); + return sanitize_key( $_GET[ $param ] ); } - function story_budget_filters() { + public function story_budget_filters() { $select_filter_names = array(); $select_filter_names['post_status'] = 'post_status'; $select_filter_names['cat'] = 'cat'; $select_filter_names['author'] = 'author'; - return apply_filters('ef_story_budget_filter_names', $select_filter_names); + return apply_filters( 'ef_story_budget_filter_names', $select_filter_names ); } - function story_budget_filter_options( $select_id, $select_name, $filters ) { - switch( $select_id ) { + public function story_budget_filter_options( $select_id, $select_name, $filters ) { + switch ( $select_id ) { case 'post_status': - $post_stati = $this->get_budget_post_stati(); - ?> + $post_stati = $this->get_budget_post_stati(); + ?> - __( 'View all categories', 'edit-flow' ), 'hide_empty' => 0, 'hierarchical' => 1, 'show_count' => 0, 'orderby' => 'name', - 'selected' => $this->user_filters['cat'] - ); + 'selected' => $this->user_filters['cat'], + ); wp_dropdown_categories( $category_dropdown_args ); } - break; + break; case 'author': $users_dropdown_args = array( - 'show_option_all' => __( 'View all users', 'edit-flow' ), - 'name' => 'author', - 'selected' => $this->user_filters['author'], - 'who' => 'authors', - ); + 'show_option_all' => __( 'View all users', 'edit-flow' ), + 'name' => 'author', + 'selected' => $this->user_filters['author'], + 'who' => 'authors', + ); $users_dropdown_args = apply_filters( 'ef_story_budget_users_dropdown_args', $users_dropdown_args ); wp_dropdown_users( $users_dropdown_args ); - break; + break; default: - do_action( 'ef_story_budget_filter_display', $select_id, $select_name, $filters); - break; + do_action( 'ef_story_budget_filter_display', $select_id, $select_name, $filters ); + break; } } @@ -808,13 +837,12 @@ public function get_budget_post_stati() { $final_statuses = []; - foreach( $post_stati as $status ) { - if ( !empty( $custom_status_slug_keys[ $status->name ] ) ) { + foreach ( $post_stati as $status ) { + if ( ! empty( $custom_status_slug_keys[ $status->name ] ) ) { $final_statuses[] = $status; } } return apply_filters( 'ef_budget_post_stati', $final_statuses ); } - } diff --git a/modules/user-groups/user-groups.php b/modules/user-groups/user-groups.php index 85ac0c3fd..f1a457cab 100644 --- a/modules/user-groups/user-groups.php +++ b/modules/user-groups/user-groups.php @@ -9,564 +9,604 @@ * */ -if ( !class_exists( 'EF_User_Groups' ) ) { +if ( ! class_exists( 'EF_User_Groups' ) ) { -class EF_User_Groups extends EF_Module { + class EF_User_Groups extends EF_Module { - var $module; + public $module; - /** - * Keys for storing data - * - taxonomy_key - used for custom taxonomy - * - term_prefix - Used for custom taxonomy terms - */ - const taxonomy_key = 'ef_usergroup'; - const term_prefix = 'ef-usergroup-'; + /** + * Keys for storing data + * - taxonomy_key - used for custom taxonomy + * - term_prefix - Used for custom taxonomy terms + */ + // phpcs:ignore Generic.NamingConventions.UpperCaseConstantName.ClassConstantNotUpperCase + const taxonomy_key = 'ef_usergroup'; + // phpcs:ignore Generic.NamingConventions.UpperCaseConstantName.ClassConstantNotUpperCase + const term_prefix = 'ef-usergroup-'; - var $manage_usergroups_cap = 'edit_usergroups'; + public $manage_usergroups_cap = 'edit_usergroups'; - /** - * Register the module with Edit Flow but don't do anything else - * - * @since 0.7 - */ - function __construct( ) { - - $this->module_url = $this->get_module_url( __FILE__ ); - - // Register the User Groups module with Edit Flow - $args = array( - 'title' => __( 'User Groups', 'edit-flow' ), - 'short_description' => __( 'Organize your users into groups to mimic your organizational structure.', 'edit-flow' ), - 'extended_description' => __( 'Configure user groups to organize all of the users on your site. Each user can be in many user groups and you can change them at any time.', 'edit-flow' ), - 'module_url' => $this->module_url, - 'img_url' => $this->module_url . 'lib/usergroups_s128.png', - 'slug' => 'user-groups', - 'default_options' => array( - 'enabled' => 'on', - 'post_types' => array( - 'post' => 'on', - 'page' => 'off', + /** + * Register the module with Edit Flow but don't do anything else + * + * @since 0.7 + */ + public function __construct() { + + $this->module_url = $this->get_module_url( __FILE__ ); + + // Register the User Groups module with Edit Flow + $args = array( + 'title' => __( 'User Groups', 'edit-flow' ), + 'short_description' => __( 'Organize your users into groups to mimic your organizational structure.', 'edit-flow' ), + 'extended_description' => __( 'Configure user groups to organize all of the users on your site. Each user can be in many user groups and you can change them at any time.', 'edit-flow' ), + 'module_url' => $this->module_url, + 'img_url' => $this->module_url . 'lib/usergroups_s128.png', + 'slug' => 'user-groups', + 'default_options' => array( + 'enabled' => 'on', + 'post_types' => array( + 'post' => 'on', + 'page' => 'off', + ), ), - ), - 'messages' => array( - 'usergroup-added' => __( "User group created. Feel free to add users to the usergroup.", 'edit-flow' ), - 'usergroup-updated' => __( "User group updated.", 'edit-flow' ), - 'usergroup-missing' => __( "User group doesn't exist.", 'edit-flow' ), - 'usergroup-deleted' => __( "User group deleted.", 'edit-flow' ), - ), - 'configure_page_cb' => 'print_configure_view', - 'configure_link_text' => __( 'Manage User Groups', 'edit-flow' ), - 'autoload' => false, - 'settings_help_tab' => array( - 'id' => 'ef-user-groups-overview', - 'title' => __('Overview', 'edit-flow'), - 'content' => __('

    For those with many people involved in the publishing process, user groups helps you keep them organized.

    Currently, user groups are primarily used for subscribing a set of users to a post for notifications.

    ', 'edit-flow'), + 'messages' => array( + 'usergroup-added' => __( 'User group created. Feel free to add users to the usergroup.', 'edit-flow' ), + 'usergroup-updated' => __( 'User group updated.', 'edit-flow' ), + 'usergroup-missing' => __( "User group doesn't exist.", 'edit-flow' ), + 'usergroup-deleted' => __( 'User group deleted.', 'edit-flow' ), ), - 'settings_help_sidebar' => __( '

    For more information:

    User Groups Documentation

    Edit Flow Forum

    Edit Flow on Github

    ', 'edit-flow' ), - ); - $this->module = EditFlow()->register_module( 'user_groups', $args ); - - } - - /** - * Module startup - */ - - /** - * Initialize the rest of the stuff in the class if the module is active - * - * @since 0.7 - */ - function init() { - - // Register the objects where we'll be storing data and relationships - $this->register_usergroup_objects(); + 'configure_page_cb' => 'print_configure_view', + 'configure_link_text' => __( 'Manage User Groups', 'edit-flow' ), + 'autoload' => false, + 'settings_help_tab' => array( + 'id' => 'ef-user-groups-overview', + 'title' => __( 'Overview', 'edit-flow' ), + 'content' => __( '

    For those with many people involved in the publishing process, user groups helps you keep them organized.

    Currently, user groups are primarily used for subscribing a set of users to a post for notifications.

    ', 'edit-flow' ), + ), + 'settings_help_sidebar' => __( '

    For more information:

    User Groups Documentation

    Edit Flow Forum

    Edit Flow on Github

    ', 'edit-flow' ), + ); + $this->module = EditFlow()->register_module( 'user_groups', $args ); + } - $this->manage_usergroups_cap = apply_filters( 'ef_manage_usergroups_cap', $this->manage_usergroups_cap ); + /** + * Module startup + */ - // Register our settings - add_action( 'admin_init', array( $this, 'register_settings' ) ); + /** + * Initialize the rest of the stuff in the class if the module is active + * + * @since 0.7 + */ + public function init() { - // Handle any adding, editing or saving - add_action( 'admin_init', array( $this, 'handle_add_usergroup' ) ); - add_action( 'admin_init', array( $this, 'handle_edit_usergroup' ) ); - add_action( 'admin_init', array( $this, 'handle_delete_usergroup' ) ); - add_action( 'wp_ajax_inline_save_usergroup', array( $this, 'handle_ajax_inline_save_usergroup' ) ); + // Register the objects where we'll be storing data and relationships + $this->register_usergroup_objects(); - // Usergroups can be managed from the User profile view - add_action( 'show_user_profile', array( $this, 'user_profile_page' ) ); - add_action( 'edit_user_profile', array( $this, 'user_profile_page' ) ); - add_action( 'user_profile_update_errors', array( $this, 'user_profile_update' ), 10, 3 ); + $this->manage_usergroups_cap = apply_filters( 'ef_manage_usergroups_cap', $this->manage_usergroups_cap ); - // Javascript and CSS if we need it - add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_admin_scripts' ) ); - add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_admin_styles' ) ); + // Register our settings + add_action( 'admin_init', array( $this, 'register_settings' ) ); - } + // Handle any adding, editing or saving + add_action( 'admin_init', array( $this, 'handle_add_usergroup' ) ); + add_action( 'admin_init', array( $this, 'handle_edit_usergroup' ) ); + add_action( 'admin_init', array( $this, 'handle_delete_usergroup' ) ); + add_action( 'wp_ajax_inline_save_usergroup', array( $this, 'handle_ajax_inline_save_usergroup' ) ); - /** - * Load the capabilities onto users the first time the module is run - * - * @since 0.7 - */ - function install() { - - // Add necessary capabilities to allow management of user groups - $usergroup_roles = array( - 'administrator' => array('edit_usergroups'), - ); - foreach( $usergroup_roles as $role => $caps ) { - $this->add_caps_to_role( $role, $caps ); - } + // Usergroups can be managed from the User profile view + add_action( 'show_user_profile', array( $this, 'user_profile_page' ) ); + add_action( 'edit_user_profile', array( $this, 'user_profile_page' ) ); + add_action( 'user_profile_update_errors', array( $this, 'user_profile_update' ), 10, 3 ); - // Create our default usergroups - $default_usergroups = array( - array( - 'name' => __( 'Copy Editors', 'edit-flow' ), - 'description' => __( 'Making sure the quality is top-notch.', 'edit-flow' ), - ), - array( - 'name' => __( 'Photographers', 'edit-flow' ), - 'description' => __( 'Capturing the story visually.', 'edit-flow' ), - ), - array( - 'name' => __( 'Reporters', 'edit-flow' ), - 'description' => __( 'Out in the field, writing stories.', 'edit-flow' ), - ), - array( - 'name' => __( 'Section Editors', 'edit-flow' ), - 'description' => __( 'Providing feedback and direction.', 'edit-flow' ), - ), - ); - foreach( $default_usergroups as $args ) { - $this->add_usergroup( $args ); + // Javascript and CSS if we need it + add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_admin_scripts' ) ); + add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_admin_styles' ) ); } - } - - /** - * Upgrade our data in case we need to - * - * @since 0.7 - */ - function upgrade( $previous_version ) { - global $edit_flow; - - // Upgrade path to v0.7 - if ( version_compare( $previous_version, '0.7' , '<' ) ) { - global $wpdb; + /** + * Load the capabilities onto users the first time the module is run + * + * @since 0.7 + */ + public function install() { + + // Add necessary capabilities to allow management of user groups + $usergroup_roles = array( + 'administrator' => array( 'edit_usergroups' ), + ); + foreach ( $usergroup_roles as $role => $caps ) { + $this->add_caps_to_role( $role, $caps ); + } - // Set all of the user group terms to our new taxonomy - $wpdb->update( $wpdb->term_taxonomy, array( 'taxonomy' => self::taxonomy_key ), array( 'taxonomy' => 'following_usergroups' ) ); + // Create our default usergroups + $default_usergroups = array( + array( + 'name' => __( 'Copy Editors', 'edit-flow' ), + 'description' => __( 'Making sure the quality is top-notch.', 'edit-flow' ), + ), + array( + 'name' => __( 'Photographers', 'edit-flow' ), + 'description' => __( 'Capturing the story visually.', 'edit-flow' ), + ), + array( + 'name' => __( 'Reporters', 'edit-flow' ), + 'description' => __( 'Out in the field, writing stories.', 'edit-flow' ), + ), + array( + 'name' => __( 'Section Editors', 'edit-flow' ), + 'description' => __( 'Providing feedback and direction.', 'edit-flow' ), + ), + ); + foreach ( $default_usergroups as $args ) { + $this->add_usergroup( $args ); + } + } - // Get all of the users who are a part of user groups and assign them to their new user group values - $query = "SELECT * FROM $wpdb->usermeta WHERE meta_key='wp_ef_usergroups';"; - $usergroup_users = $wpdb->get_results( $query ); + /** + * Upgrade our data in case we need to + * + * @since 0.7 + */ + public function upgrade( $previous_version ) { + global $edit_flow; + + // Upgrade path to v0.7 + if ( version_compare( $previous_version, '0.7', '<' ) ) { + global $wpdb; + + // Set all of the user group terms to our new taxonomy + $wpdb->update( $wpdb->term_taxonomy, array( 'taxonomy' => self::taxonomy_key ), array( 'taxonomy' => 'following_usergroups' ) ); + + // Get all of the users who are a part of user groups and assign them to their new user group values + $query = "SELECT * FROM $wpdb->usermeta WHERE meta_key='wp_ef_usergroups';"; + // There's no userdata here in this query and it's an upgrade query + // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared + $usergroup_users = $wpdb->get_results( $query ); + + // Sort all of the users based on their usergroup(s) + $users_to_add = array(); + foreach ( (array) $usergroup_users as $usergroup_user ) { + if ( is_object( $usergroup_user ) ) { + $users_to_add[ $usergroup_user->meta_value ][] = (int) $usergroup_user->user_id; + } + } + // Add user IDs to each usergroup + foreach ( $users_to_add as $usergroup_slug => $users_array ) { + $usergroup = $this->get_usergroup_by( 'slug', $usergroup_slug ); + $this->add_users_to_usergroup( $users_array, $usergroup->term_id ); + } + // Update the term slugs for each user group + $all_usergroups = $this->get_usergroups(); + foreach ( $all_usergroups as $usergroup ) { + $new_slug = str_replace( 'ef_', self::term_prefix, $usergroup->slug ); + $this->update_usergroup( $usergroup->term_id, array( 'slug' => $new_slug ) ); + } + + // Delete all of the previous usermeta values + $wpdb->query( "DELETE FROM $wpdb->usermeta WHERE meta_key='wp_ef_usergroups';" ); + + // Technically we've run this code before so we don't want to auto-install new data + $edit_flow->update_module_option( $this->module->name, 'loaded_once', true ); - // Sort all of the users based on their usergroup(s) - $users_to_add = array(); - foreach( (array)$usergroup_users as $usergroup_user ) { - if ( is_object( $usergroup_user ) ) - $users_to_add[$usergroup_user->meta_value][] = (int)$usergroup_user->user_id; - } - // Add user IDs to each usergroup - foreach( $users_to_add as $usergroup_slug => $users_array ) { - $usergroup = $this->get_usergroup_by( 'slug', $usergroup_slug ); - $this->add_users_to_usergroup( $users_array, $usergroup->term_id ); } - // Update the term slugs for each user group - $all_usergroups = $this->get_usergroups(); - foreach( $all_usergroups as $usergroup ) { - $new_slug = str_replace( 'ef_', self::term_prefix, $usergroup->slug ); - $this->update_usergroup( $usergroup->term_id, array( 'slug' => $new_slug ) ); + // Upgrade path to v0.7.4 + if ( version_compare( $previous_version, '0.7.4', '<' ) ) { + // Usergroup descriptions become base64_encoded, instead of maybe json_encoded. + $this->upgrade_074_term_descriptions( self::taxonomy_key ); } - - // Delete all of the previous usermeta values - $wpdb->query( "DELETE FROM $wpdb->usermeta WHERE meta_key='wp_ef_usergroups';" ); - - // Technically we've run this code before so we don't want to auto-install new data - $edit_flow->update_module_option( $this->module->name, 'loaded_once', true ); - - } - // Upgrade path to v0.7.4 - if ( version_compare( $previous_version, '0.7.4', '<' ) ) { - // Usergroup descriptions become base64_encoded, instead of maybe json_encoded. - $this->upgrade_074_term_descriptions( self::taxonomy_key ); } - } + /** + * Individual Usergroups are stored using a custom taxonomy + * Posts are associated with usergroups based on taxonomy relationship + * User associations are stored serialized in the term's description field + * + * @since 0.7 + * + * @uses register_taxonomy() + */ + public function register_usergroup_objects() { - /** - * Individual Usergroups are stored using a custom taxonomy - * Posts are associated with usergroups based on taxonomy relationship - * User associations are stored serialized in the term's description field - * - * @since 0.7 - * - * @uses register_taxonomy() - */ - function register_usergroup_objects() { + // Load the currently supported post types so we only register against those + $supported_post_types = $this->get_post_types_for_module( $this->module ); - // Load the currently supported post types so we only register against those - $supported_post_types = $this->get_post_types_for_module( $this->module ); + // Use a taxonomy to manage relationships between posts and usergroups + $args = array( + 'public' => false, + 'rewrite' => false, + ); + register_taxonomy( self::taxonomy_key, $supported_post_types, $args ); + } - // Use a taxonomy to manage relationships between posts and usergroups - $args = array( - 'public' => false, - 'rewrite' => false, - ); - register_taxonomy( self::taxonomy_key, $supported_post_types, $args ); - } + /** + * Enqueue necessary admin scripts + * + * @since 0.7 + * + * @uses wp_enqueue_script() + */ + public function enqueue_admin_scripts() { - /** - * Enqueue necessary admin scripts - * - * @since 0.7 - * - * @uses wp_enqueue_script() - */ - function enqueue_admin_scripts() { + if ( $this->is_whitelisted_functional_view() || $this->is_whitelisted_settings_view( $this->module->name ) ) { + wp_enqueue_script( 'jquery-listfilterizer' ); + wp_enqueue_script( 'edit-flow-user-groups-js', $this->module_url . 'lib/user-groups.js', array( 'jquery', 'jquery-listfilterizer' ), EDIT_FLOW_VERSION, true ); + } - if ( $this->is_whitelisted_functional_view() || $this->is_whitelisted_settings_view( $this->module->name ) ) { - wp_enqueue_script( 'jquery-listfilterizer' ); - wp_enqueue_script( 'edit-flow-user-groups-js', $this->module_url . 'lib/user-groups.js', array( 'jquery', 'jquery-listfilterizer' ), EDIT_FLOW_VERSION, true ); + if ( $this->is_whitelisted_settings_view( $this->module->name ) ) { + wp_enqueue_script( 'edit-flow-user-groups-configure-js', $this->module_url . 'lib/user-groups-configure.js', array( 'jquery' ), EDIT_FLOW_VERSION, true ); + } } - if ( $this->is_whitelisted_settings_view( $this->module->name ) ) - wp_enqueue_script( 'edit-flow-user-groups-configure-js', $this->module_url . 'lib/user-groups-configure.js', array( 'jquery' ), EDIT_FLOW_VERSION, true ); - } - - /** - * Enqueue necessary admin styles, but only on the proper pages - * - * @since 0.7 - * - * @uses wp_enqueue_style() - */ - function enqueue_admin_styles() { + /** + * Enqueue necessary admin styles, but only on the proper pages + * + * @since 0.7 + * + * @uses wp_enqueue_style() + */ + public function enqueue_admin_styles() { - if ( $this->is_whitelisted_functional_view() || $this->is_whitelisted_settings_view() ) { - wp_enqueue_style( 'jquery-listfilterizer' ); - wp_enqueue_style( 'edit-flow-user-groups-css', $this->module_url . 'lib/user-groups.css', false, EDIT_FLOW_VERSION ); + if ( $this->is_whitelisted_functional_view() || $this->is_whitelisted_settings_view() ) { + wp_enqueue_style( 'jquery-listfilterizer' ); + wp_enqueue_style( 'edit-flow-user-groups-css', $this->module_url . 'lib/user-groups.css', false, EDIT_FLOW_VERSION ); + } } - } - /** - * Module ??? - */ + /** + * Module ??? + */ - /** - * Handles a POST request to add a new Usergroup. Redirects to edit view after - * for admin to add users to usergroup - * Hooked into 'admin_init' and kicks out right away if no action - * - * @since 0.7 - */ - function handle_add_usergroup() { + /** + * Handles a POST request to add a new Usergroup. Redirects to edit view after + * for admin to add users to usergroup + * Hooked into 'admin_init' and kicks out right away if no action + * + * @since 0.7 + */ + public function handle_add_usergroup() { - if ( !isset( $_POST['submit'], $_POST['form-action'], $_GET['page'] ) - || $_GET['page'] != $this->module->settings_slug || $_POST['form-action'] != 'add-usergroup' ) + if ( ! isset( $_POST['submit'], $_POST['form-action'], $_GET['page'] ) + || $_GET['page'] != $this->module->settings_slug || 'add-usergroup' != $_POST['form-action'] ) { return; + } + + if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'add-usergroup' ) ) { + wp_die( esc_html( $this->module->messages['nonce-failed'] ) ); + } - if ( !wp_verify_nonce( $_POST['_wpnonce'], 'add-usergroup' ) ) - wp_die( $this->module->messages['nonce-failed'] ); + if ( ! current_user_can( $this->manage_usergroups_cap ) ) { + wp_die( esc_html( $this->module->messages['invalid-permissions'] ) ); + } - if ( !current_user_can( $this->manage_usergroups_cap ) ) - wp_die( $this->module->messages['invalid-permissions'] ); + // Sanitize all of the user-entered values + $name = ( isset( $_POST['name'] ) ) ? sanitize_text_field( trim( $_POST['name'] ) ) : ''; + $description = ( isset( $_POST['description'] ) ) ? stripslashes( wp_filter_nohtml_kses( trim( $_POST['description'] ) ) ) : ''; + + $_REQUEST['form-errors'] = array(); + + /** + * Form validation for adding new Usergroup + * + * Details + * - 'name' is a required field, but can't match an existing name or slug. Needs to be 40 characters or less + * - "description" can accept a limited amount of HTML, and is optional + */ + // Field is required + if ( empty( $name ) ) { + $_REQUEST['form-errors']['name'] = __( 'Please enter a name for the user group.', 'edit-flow' ); + } + // Check to ensure a term with the same name doesn't exist + if ( $this->get_usergroup_by( 'name', $name ) ) { + $_REQUEST['form-errors']['name'] = __( 'Name already in use. Please choose another.', 'edit-flow' ); + } + // Check to ensure a term with the same slug doesn't exist + if ( $this->get_usergroup_by( 'slug', sanitize_title( $name ) ) ) { + $_REQUEST['form-errors']['name'] = __( 'Name conflicts with slug for another term. Please choose again.', 'edit-flow' ); + } + if ( strlen( $name ) > 40 ) { + $_REQUEST['form-errors']['name'] = __( 'User group name cannot exceed 40 characters. Please try a shorter name.', 'edit-flow' ); + } + // Kick out if there are any errors + // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotValidated + if ( count( $_REQUEST['form-errors'] ) ) { + $_REQUEST['error'] = 'form-error'; + return; + } - // Sanitize all of the user-entered values - $name = strip_tags( trim( $_POST['name'] ) ); - $description = stripslashes( strip_tags( trim( $_POST['description'] ) ) ); + // Try to add the Usergroup + $args = array( + 'name' => $name, + 'description' => $description, + ); + $usergroup = $this->add_usergroup( $args ); + if ( is_wp_error( $usergroup ) ) { + wp_die( esc_html__( 'Error adding usergroup.', 'edit-flow' ) ); + } - $_REQUEST['form-errors'] = array(); + $args = array( + 'action' => 'edit-usergroup', + 'usergroup-id' => $usergroup->term_id, + 'message' => 'usergroup-added', + ); + $redirect_url = $this->get_link( $args ); + wp_redirect( $redirect_url ); + exit; + } /** - * Form validation for adding new Usergroup + * Handles a POST request to edit a Usergroup + * Hooked into 'admin_init' and kicks out right away if no action * - * Details - * - 'name' is a required field, but can't match an existing name or slug. Needs to be 40 characters or less - * - "description" can accept a limited amount of HTML, and is optional + * @since 0.7 */ - // Field is required - if ( empty( $name ) ) - $_REQUEST['form-errors']['name'] = __( 'Please enter a name for the user group.', 'edit-flow' ); - // Check to ensure a term with the same name doesn't exist - if ( $this->get_usergroup_by( 'name', $name ) ) - $_REQUEST['form-errors']['name'] = __( 'Name already in use. Please choose another.', 'edit-flow' ); - // Check to ensure a term with the same slug doesn't exist - if ( $this->get_usergroup_by( 'slug', sanitize_title( $name ) ) ) - $_REQUEST['form-errors']['name'] = __( 'Name conflicts with slug for another term. Please choose again.', 'edit-flow' ); - if ( strlen( $name ) > 40 ) - $_REQUEST['form-errors']['name'] = __( 'User group name cannot exceed 40 characters. Please try a shorter name.', 'edit-flow' ); - // Kick out if there are any errors - if ( count( $_REQUEST['form-errors'] ) ) { - $_REQUEST['error'] = 'form-error'; - return; - } - - // Try to add the Usergroup - $args = array( - 'name' => $name, - 'description' => $description, - ); - $usergroup = $this->add_usergroup( $args ); - if ( is_wp_error( $usergroup ) ) - wp_die( __( 'Error adding usergroup.', 'edit-flow' ) ); - - $args = array( - 'action' => 'edit-usergroup', - 'usergroup-id' => $usergroup->term_id, - 'message' => 'usergroup-added' - ); - $redirect_url = $this->get_link( $args ); - wp_redirect( $redirect_url ); - exit; - } - - /** - * Handles a POST request to edit a Usergroup - * Hooked into 'admin_init' and kicks out right away if no action - * - * @since 0.7 - */ - function handle_edit_usergroup() { - if ( !isset( $_POST['submit'], $_POST['form-action'], $_GET['page'] ) - || $_GET['page'] != $this->module->settings_slug || $_POST['form-action'] != 'edit-usergroup' ) + public function handle_edit_usergroup() { + if ( ! isset( $_POST['submit'], $_POST['form-action'], $_GET['page'] ) + || $_GET['page'] != $this->module->settings_slug || 'edit-usergroup' != $_POST['form-action'] ) { return; + } + + if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'edit-usergroup' ) ) { + wp_die( esc_html( $this->module->messages['nonce-failed'] ) ); + } - if ( !wp_verify_nonce( $_POST['_wpnonce'], 'edit-usergroup' ) ) - wp_die( $this->module->messages['nonce-failed'] ); + if ( ! current_user_can( $this->manage_usergroups_cap ) ) { + wp_die( esc_html( $this->module->messages['invalid-permissions'] ) ); + } - if ( !current_user_can( $this->manage_usergroups_cap ) ) - wp_die( $this->module->messages['invalid-permissions'] ); + $usergroup_id = isset( $_POST['usergroup_id'] ) ? (int) $_POST['usergroup_id'] : 0; + $existing_usergroup = $this->get_usergroup_by( 'id', $usergroup_id ); + if ( ! $existing_usergroup ) { + wp_die( esc_html( $this->module->messages['usergroup-missing'] ) ); + } - if ( !$existing_usergroup = $this->get_usergroup_by( 'id', (int)$_POST['usergroup_id'] ) ) - wp_die( $this->module->messages['usergroup-missing'] ); + // Sanitize all of the user-entered values + $name = isset( $_POST['name'] ) ? sanitize_text_field( trim( $_POST['name'] ) ) : ''; + $description = isset( $_POST['description'] ) ? stripslashes( wp_filter_nohtml_kses( trim( $_POST['description'] ) ) ) : ''; + + $_REQUEST['form-errors'] = array(); + + /** + * Form validation for editing a Usergroup + * + * Details + * - 'name' is a required field, but can't match an existing name or slug. Needs to be 40 characters or less + * - "description" can accept a limited amount of HTML, and is optional + */ + // Field is required + if ( empty( $name ) ) { + $_REQUEST['form-errors']['name'] = __( 'Please enter a name for the user group.', 'edit-flow' ); + } + // Check to ensure a term with the same name doesn't exist + $search_term = $this->get_usergroup_by( 'name', $name ); + if ( is_object( $search_term ) && $search_term->term_id != $existing_usergroup->term_id ) { + $_REQUEST['form-errors']['name'] = __( 'Name already in use. Please choose another.', 'edit-flow' ); + } + // Check to ensure a term with the same slug doesn't exist + $search_term = $this->get_usergroup_by( 'slug', sanitize_title( $name ) ); + if ( is_object( $search_term ) && $search_term->term_id != $existing_usergroup->term_id ) { + $_REQUEST['form-errors']['name'] = __( 'Name conflicts with slug for another term. Please choose again.', 'edit-flow' ); + } + if ( strlen( $name ) > 40 ) { + $_REQUEST['form-errors']['name'] = __( 'User group name cannot exceed 40 characters. Please try a shorter name.', 'edit-flow' ); + } + // Kick out if there are any errors + // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotValidated + if ( count( $_REQUEST['form-errors'] ) ) { + $_REQUEST['error'] = 'form-error'; + return; + } - // Sanitize all of the user-entered values - $name = strip_tags( trim( $_POST['name'] ) ); - $description = stripslashes( strip_tags( trim( $_POST['description'] ) ) ); + // Try to edit the Usergroup + $args = array( + 'name' => $name, + 'description' => $description, + ); + // Gracefully handle the case where all users have been unsubscribed from the user group + $users = isset( $_POST['usergroup_users'] ) ? (array) $_POST['usergroup_users'] : array(); + $users = array_map( 'intval', $users ); + $usergroup = $this->update_usergroup( $existing_usergroup->term_id, $args, $users ); + if ( is_wp_error( $usergroup ) ) { + wp_die( esc_html__( 'Error updating user group.', 'edit-flow' ) ); + } - $_REQUEST['form-errors'] = array(); + $args = array( + 'message' => 'usergroup-updated', + ); + $redirect_url = $this->get_link( $args ); + wp_redirect( $redirect_url ); + exit; + } /** - * Form validation for editing a Usergroup + * Handles a request to delete a Usergroup. + * Hooked into 'admin_init' and kicks out right away if no action * - * Details - * - 'name' is a required field, but can't match an existing name or slug. Needs to be 40 characters or less - * - "description" can accept a limited amount of HTML, and is optional + * @since 0.7 */ - // Field is required - if ( empty( $name ) ) - $_REQUEST['form-errors']['name'] = __( 'Please enter a name for the user group.', 'edit-flow' ); - // Check to ensure a term with the same name doesn't exist - $search_term = $this->get_usergroup_by( 'name', $name ); - if ( is_object( $search_term ) && $search_term->term_id != $existing_usergroup->term_id ) - $_REQUEST['form-errors']['name'] = __( 'Name already in use. Please choose another.', 'edit-flow' ); - // Check to ensure a term with the same slug doesn't exist - $search_term = $this->get_usergroup_by( 'slug', sanitize_title( $name ) ); - if ( is_object( $search_term ) && $search_term->term_id != $existing_usergroup->term_id ) - $_REQUEST['form-errors']['name'] = __( 'Name conflicts with slug for another term. Please choose again.', 'edit-flow' ); - if ( strlen( $name ) > 40 ) - $_REQUEST['form-errors']['name'] = __( 'User group name cannot exceed 40 characters. Please try a shorter name.', 'edit-flow' ); - // Kick out if there are any errors - if ( count( $_REQUEST['form-errors'] ) ) { - $_REQUEST['error'] = 'form-error'; - return; - } - - // Try to edit the Usergroup - $args = array( - 'name' => $name, - 'description' => $description, - ); - // Gracefully handle the case where all users have been unsubscribed from the user group - $users = isset( $_POST['usergroup_users'] ) ? (array)$_POST['usergroup_users'] : array(); - $users = array_map( 'intval', $users ); - $usergroup = $this->update_usergroup( $existing_usergroup->term_id, $args, $users ); - if ( is_wp_error( $usergroup ) ) - wp_die( __( 'Error updating user group.', 'edit-flow' ) ); - - $args = array( - 'message' => 'usergroup-updated', - ); - $redirect_url = $this->get_link( $args ); - wp_redirect( $redirect_url ); - exit; - } - - /** - * Handles a request to delete a Usergroup. - * Hooked into 'admin_init' and kicks out right away if no action - * - * @since 0.7 - */ - function handle_delete_usergroup() { - if ( !isset( $_GET['page'], $_GET['action'], $_GET['usergroup-id'] ) - || $_GET['page'] != $this->module->settings_slug || $_GET['action'] != 'delete-usergroup' ) + public function handle_delete_usergroup() { + if ( ! isset( $_GET['page'], $_GET['action'], $_GET['usergroup-id'] ) + || $_GET['page'] != $this->module->settings_slug || 'delete-usergroup' != $_GET['action'] ) { return; + } - if ( !wp_verify_nonce( $_GET['nonce'], 'delete-usergroup' ) ) - wp_die( $this->module->messages['nonce-failed'] ); + if ( ! isset( $_GET['nonce'] ) || ! wp_verify_nonce( $_GET['nonce'], 'delete-usergroup' ) ) { + wp_die( esc_html( $this->module->messages['nonce-failed'] ) ); + } - if ( !current_user_can( $this->manage_usergroups_cap ) ) - wp_die( $this->module->messages['invalid-permissions'] ); + if ( ! current_user_can( $this->manage_usergroups_cap ) ) { + wp_die( esc_html( $this->module->messages['invalid-permissions'] ) ); + } - $result = $this->delete_usergroup( (int)$_GET['usergroup-id'] ); - if ( !$result || is_wp_error( $result ) ) - wp_die( __( 'Error deleting user group.', 'edit-flow' ) ); + $result = $this->delete_usergroup( (int) $_GET['usergroup-id'] ); + if ( ! $result || is_wp_error( $result ) ) { + wp_die( esc_html__( 'Error deleting user group.', 'edit-flow' ) ); + } - $redirect_url = $this->get_link( array( 'message' => 'usergroup-deleted' ) ); - wp_redirect( $redirect_url ); - exit; - } + $redirect_url = $this->get_link( array( 'message' => 'usergroup-deleted' ) ); + wp_redirect( $redirect_url ); + exit; + } - /** - * Handle the request to update a given Usergroup via inline edit - * - * @since 0.7 - */ - function handle_ajax_inline_save_usergroup() { + /** + * Handle the request to update a given Usergroup via inline edit + * + * @since 0.7 + */ + public function handle_ajax_inline_save_usergroup() { - if ( !wp_verify_nonce( $_POST['inline_edit'], 'usergroups-inline-edit-nonce' ) ) - die( $this->module->messages['nonce-failed'] ); + if ( ! isset( $_POST['inline_edit'] ) || ! wp_verify_nonce( $_POST['inline_edit'], 'usergroups-inline-edit-nonce' ) ) { + die( esc_html( $this->module->messages['nonce-failed'] ) ); + } - if ( !current_user_can( $this->manage_usergroups_cap ) ) - die( $this->module->messages['invalid-permissions'] ); + if ( ! current_user_can( $this->manage_usergroups_cap ) ) { + die( esc_html( $this->module->messages['invalid-permissions'] ) ); + } - $usergroup_id = (int) $_POST['usergroup_id']; - if ( !$existing_term = $this->get_usergroup_by( 'id', $usergroup_id ) ) - die( $this->module->messages['usergroup-missing'] ); + $usergroup_id = isset( $_POST['usergroup_id'] ) ? (int) $_POST['usergroup_id'] : 0; + if ( ! $existing_term = $this->get_usergroup_by( 'id', $usergroup_id ) ) { + die( esc_html( $this->module->messages['usergroup-missing'] ) ); + } - $name = strip_tags( trim( $_POST['name'] ) ); - $description = stripslashes( strip_tags( trim( $_POST['description'] ) ) ); + $name = isset( $_POST['name'] ) ? sanitize_text_field( trim( $_POST['name'] ) ) : ''; + $description = isset( $_POST['description'] ) ? stripslashes( wp_filter_nohtml_kses( trim( $_POST['description'] ) ) ) : ''; - /** - * Form validation for editing Usergroup - */ - // Check if name field was filled in - if ( empty( $name ) ) { - $change_error = new WP_Error( 'invalid', __( 'Please enter a name for the user group.', 'edit-flow' ) ); - die( $change_error->get_error_message() ); - } - // Check that the name doesn't exceed 40 chars - if ( strlen( $name ) > 40 ) { - $change_error = new WP_Error( 'invalid', __( 'User group name cannot exceed 40 characters. Please try a shorter name.' ) ); - die( $change_error->get_error_message() ); - } - // Check to ensure a term with the same name doesn't exist - $search_term = $this->get_usergroup_by( 'name', $name ); - if ( is_object( $search_term ) && $search_term->term_id != $existing_term->term_id ) { - $change_error = new WP_Error( 'invalid', __( 'Name already in use. Please choose another.', 'edit-flow' ) ); - die( $change_error->get_error_message() ); - } - // Check to ensure a term with the same slug doesn't exist - $search_term = $this->get_usergroup_by( 'slug', sanitize_title( $name ) ); - if ( is_object( $search_term ) && $search_term->term_id != $existing_term->term_id ) { - $change_error = new WP_Error( 'invalid', __( 'Name conflicts with slug for another term. Please choose again.', 'edit-flow' ) ); - die( $change_error->get_error_message() ); - } + /** + * Form validation for editing Usergroup + */ + // Check if name field was filled in + if ( empty( $name ) ) { + $change_error = new WP_Error( 'invalid', esc_html__( 'Please enter a name for the user group.', 'edit-flow' ) ); + die( esc_html( $change_error->get_error_message() ) ); + } + // Check that the name doesn't exceed 40 chars + if ( strlen( $name ) > 40 ) { + $change_error = new WP_Error( 'invalid', esc_html__( 'User group name cannot exceed 40 characters. Please try a shorter name.' ) ); + die( esc_html( $change_error->get_error_message() ) ); + } + // Check to ensure a term with the same name doesn't exist + $search_term = $this->get_usergroup_by( 'name', $name ); + if ( is_object( $search_term ) && $search_term->term_id != $existing_term->term_id ) { + $change_error = new WP_Error( 'invalid', esc_html__( 'Name already in use. Please choose another.', 'edit-flow' ) ); + die( esc_html( $change_error->get_error_message() ) ); + } + // Check to ensure a term with the same slug doesn't exist + $search_term = $this->get_usergroup_by( 'slug', sanitize_title( $name ) ); + if ( is_object( $search_term ) && $search_term->term_id != $existing_term->term_id ) { + $change_error = new WP_Error( 'invalid', esc_html__( 'Name conflicts with slug for another term. Please choose again.', 'edit-flow' ) ); + die( esc_html( $change_error->get_error_message() ) ); + } - // Prepare the term name and description for saving - $args = array( - 'name' => $name, - 'description' => $description, - ); - $return = $this->update_usergroup( $existing_term->term_id, $args ); - if( !is_wp_error( $return ) ) { - set_current_screen( 'edit-usergroup' ); - $wp_list_table = new EF_Usergroups_List_Table(); - $wp_list_table->prepare_items(); - echo $wp_list_table->single_row( $return ); - die(); - } else { - $change_error = new WP_Error( 'invalid', sprintf( __( 'Could not update the user group: %s', 'edit-flow' ), $usergroup_name ) ); - die( $change_error->get_error_message() ); + // Prepare the term name and description for saving + $args = array( + 'name' => $name, + 'description' => $description, + ); + $return = $this->update_usergroup( $existing_term->term_id, $args ); + if ( ! is_wp_error( $return ) ) { + set_current_screen( 'edit-usergroup' ); + $wp_list_table = new EF_Usergroups_List_Table(); + $wp_list_table->prepare_items(); + echo wp_kses_post( $wp_list_table->single_row( $return ) ); + die(); + } else { + // translators: %s is the name of the user group + $change_error = new WP_Error( 'invalid', sprintf( __( 'Could not update the user group: %s', 'edit-flow' ), $name ) ); + die( wp_kses( $change_error->get_error_message(), 'strong' ) ); + } } - } - - /** - * Register settings for notifications so we can partially use the Settings API - * (We use the Settings API for form generation, but not saving) - * - * @since 0.7 - * @uses add_settings_section(), add_settings_field() - */ - function register_settings() { + /** + * Register settings for notifications so we can partially use the Settings API + * (We use the Settings API for form generation, but not saving) + * + * @since 0.7 + * @uses add_settings_section(), add_settings_field() + */ + public function register_settings() { add_settings_section( $this->module->options_group_name . '_general', false, '__return_false', $this->module->options_group_name ); add_settings_field( 'post_types', __( 'Add to these post types:', 'edit-flow' ), array( $this, 'settings_post_types_option' ), $this->module->options_group_name, $this->module->options_group_name . '_general' ); - } + } - /** - * Choose the post types for Usergroups - * - * @since 0.7 - */ - function settings_post_types_option() { - global $edit_flow; - $edit_flow->settings->helper_option_custom_post_type( $this->module ); - } + /** + * Choose the post types for Usergroups + * + * @since 0.7 + */ + public function settings_post_types_option() { + global $edit_flow; + $edit_flow->settings->helper_option_custom_post_type( $this->module ); + } - /** - * Validate data entered by the user - * - * @since 0.7 - * - * @param array $new_options New values that have been entered by the user - * @return array $new_options Form values after they've been sanitized - */ - function settings_validate( $new_options ) { + /** + * Validate data entered by the user + * + * @since 0.7 + * + * @param array $new_options New values that have been entered by the user + * @return array $new_options Form values after they've been sanitized + */ + public function settings_validate( $new_options ) { - // Whitelist validation for the post type options - if ( !isset( $new_options['post_types'] ) ) - $new_options['post_types'] = array(); - $new_options['post_types'] = $this->clean_post_type_options( $new_options['post_types'], $this->module->post_type_support ); + // Whitelist validation for the post type options + if ( ! isset( $new_options['post_types'] ) ) { + $new_options['post_types'] = array(); + } + $new_options['post_types'] = $this->clean_post_type_options( $new_options['post_types'], $this->module->post_type_support ); - return $new_options; - } + return $new_options; + } - /** - * Build a configuration view so we can manage our usergroups - * - * @since 0.7 - */ - function print_configure_view() { - global $edit_flow; - - if ( isset( $_GET['action'], $_GET['usergroup-id'] ) && $_GET['action'] == 'edit-usergroup' ) : - /** Full page width view for editing a given usergroup **/ - // Check whether the usergroup exists - $usergroup_id = (int)$_GET['usergroup-id']; - $usergroup = $this->get_usergroup_by( 'id', $usergroup_id ); - if ( !$usergroup ) { - echo '

    ' . $this->module->messages['usergroup-missing'] . '

    '; - return; - } - $name = ( isset( $_POST['name'] ) ) ? stripslashes( $_POST['name'] ) : $usergroup->name; - $description = ( isset( $_POST['description'] ) ) ? stripslashes( $_POST['description'] ) : $usergroup->description; - ?> -
    + /** + * Build a configuration view so we can manage our usergroups + * + * @since 0.7 + * Disabling nonce verification because that is not available here, it's just rendering it. The actual save is done in helper_settings_validate_and_save and that's guarded well. + * phpcs:disable:WordPress.Security.NonceVerification.Missing + */ + public function print_configure_view() { + global $edit_flow; + + if ( isset( $_GET['action'], $_GET['usergroup-id'] ) && 'edit-usergroup' == $_GET['action'] ) : + /** Full page width view for editing a given usergroup **/ + // Check whether the usergroup exists + $usergroup_id = (int) $_GET['usergroup-id']; + $usergroup = $this->get_usergroup_by( 'id', $usergroup_id ); + if ( ! $usergroup ) { + echo '

    ' . esc_html( $this->module->messages['usergroup-missing'] ) . '

    '; + return; + } + $name = ( isset( $_POST['name'] ) ) ? stripslashes( $_POST['name'] ) : $usergroup->name; + $description = ( isset( $_POST['description'] ) ) ? strip_tags( stripslashes( $_POST['description'] ) ) : $usergroup->description; + ?> +

    - 'ef-post_following_list', - 'input_id' => 'usergroup_users' + 'input_id' => 'usergroup_users', ); - ?> - users_select_form( $usergroup->user_ids , $select_form_args ); ?> + ?> + users_select_form( $usergroup->user_ids, $select_form_args ); ?>
    - + ?>
    @@ -578,17 +618,18 @@ function print_configure_view() { settings->helper_print_error_or_description( 'description', __( 'The description is primarily for administrative use, to give you some context on what the user group is to be used for.', 'edit-flow' ) ); ?>

    - +

    - prepare_items(); - ?> + prepare_items(); + ?> @@ -597,64 +638,70 @@ function print_configure_view() {
    - +
    module->options_group_name ); ?> module->options_group_name ); ?> module->name ) . '" />'; ?>
    - - + +
    - + settings->helper_print_error_or_description( 'name', __( 'The name is used to identify the user group.', 'edit-flow' ) ); ?>
    - + settings->helper_print_error_or_description( 'description', __( 'The description is primarily for administrative use, to give you some context on what the user group is to be used for.', 'edit-flow' ) ); ?>
    '; ?> -

    +

    - inline_edit(); ?> - inline_edit(); ?> + manage_usergroups_cap ) ) - return; + if ( ! $user_id || ! current_user_can( $this->manage_usergroups_cap ) ) { + return; + } - //Don't allow display of user groups from network - if ( ( !is_null( get_current_screen() ) ) && ( get_current_screen()->is_network ) ) - return; + //Don't allow display of user groups from network + if ( ( ! is_null( get_current_screen() ) ) && ( get_current_screen()->is_network ) ) { + return; + } - // Assemble all necessary data - $usergroups = $this->get_usergroups(); - $selected_usergroups = $this->get_usergroups_for_user( $user_id ); - $usergroups_form_args = array( 'input_id' => 'ef_usergroups' ); - ?> + // Assemble all necessary data + $usergroups = $this->get_usergroups(); + $selected_usergroups = $this->get_usergroups_for_user( $user_id ); + $usergroups_form_args = array( 'input_id' => 'ef_usergroups' ); + ?>
    -

    - ID ) : ?> -

    +

    + ID === $user_id ) : ?> +

    -

    +

    @@ -666,571 +713,599 @@ function user_profile_page() {
    - - is_network ) { - return; - } + + manage_usergroups_cap ) && wp_verify_nonce( $_POST['ef_edit_profile_usergroups_nonce'], 'ef_edit_profile_usergroups_nonce' ) ) { - // Sanitize the data and save - // Gracefully handle the case where the user was unsubscribed from all usergroups - $usergroups = isset( $_POST['ef_usergroups'] ) ? array_map( 'intval', (array)$_POST['ef_usergroups'] ) : array(); - $all_usergroups = $this->get_usergroups(); - foreach( $all_usergroups as $usergroup ) { - if ( in_array( $usergroup->term_id, $usergroups ) ) - $this->add_user_to_usergroup( $user->ID, $usergroup->term_id ); - else - $this->remove_user_from_usergroup( $user->ID, $usergroup->term_id ); + /** + * Function called when a user's profile is updated + * Adds user to specified usergroups + * + * @since 0.7 + * + * @param ??? + * @param ??? + * @param ??? + * @return ??? + */ + public function user_profile_update( $errors, $update, $user ) { + + if ( ! $update ) { + return array( &$errors, $update, &$user ); } - } - return array( &$errors, $update, &$user ); - } + // `get_current_screen()` is defined on most admin pages, but not all. + if ( function_exists( 'get_current_screen' ) ) { + //Don't allow update of user groups from network + $screen = get_current_screen(); + if ( ! is_null( $screen ) && $screen->is_network ) { + return; + } + } - /** - * Generate a link to one of the usergroups actions - * - * @since 0.7 - * - * @param string $action Action we want the user to take - * @param array $args Any query args to add to the URL - * @return string $link Direct link to delete a usergroup - */ - function get_link( $args = array() ) { - if ( !isset( $args['action'] ) ) - $args['action'] = ''; - if ( !isset( $args['page'] ) ) - $args['page'] = $this->module->settings_slug; - // Add other things we may need depending on the action - switch( $args['action'] ) { - case 'delete-usergroup': - $args['nonce'] = wp_create_nonce( $args['action'] ); - break; - default: - break; + if ( isset( $_POST['ef_edit_profile_usergroups_nonce'] ) && current_user_can( $this->manage_usergroups_cap ) && wp_verify_nonce( $_POST['ef_edit_profile_usergroups_nonce'], 'ef_edit_profile_usergroups_nonce' ) ) { + // Sanitize the data and save + // Gracefully handle the case where the user was unsubscribed from all usergroups + $usergroups = isset( $_POST['ef_usergroups'] ) ? array_map( 'intval', (array) $_POST['ef_usergroups'] ) : array(); + $all_usergroups = $this->get_usergroups(); + foreach ( $all_usergroups as $usergroup ) { + if ( in_array( $usergroup->term_id, $usergroups ) ) { + $this->add_user_to_usergroup( $user->ID, $usergroup->term_id ); + } else { + $this->remove_user_from_usergroup( $user->ID, $usergroup->term_id ); + } + } + } + + return array( &$errors, $update, &$user ); } - return add_query_arg( $args, get_admin_url( null, 'admin.php' ) ); - } - /** - * Displays a list of usergroups with checkboxes - * - * @since 0.7 - * - * @param array $selected List of usergroup keys that should be checked - * @param array $args ??? - */ - function usergroups_select_form( $selected = array(), $args = null ) { - - // TODO add $args for additional options - // e.g. showing members assigned to group (John Smith, Jane Doe, and 9 others) - // before , after , class, id names? - $defaults = array( - 'list_class' => 'ef-post_following_list', - 'list_id' => 'ef-following_usergroups', - 'input_id' => 'following_usergroups' - ); - - $parsed_args = wp_parse_args( $args, $defaults ); - extract( $parsed_args, EXTR_SKIP ); - $usergroups = $this->get_usergroups(); - if ( empty($usergroups) ) { - ?> -

    - module->settings_slug; + } + // Add other things we may need depending on the action + switch ( $args['action'] ) { + case 'delete-usergroup': + $args['nonce'] = wp_create_nonce( $args['action'] ); + break; + default: + break; + } + return add_query_arg( $args, get_admin_url( null, 'admin.php' ) ); + } - ?> - - self::taxonomy_key, + 'hide_empty' => isset( $args['hide_empty'] ), + )); + if ( ! $usergroup_terms ) { + return false; + } - // Run the usergroups through get_usergroup_by() so we load users too - $usergroups = array(); - foreach( $usergroup_terms as $usergroup_term ) { - $usergroups[] = $this->get_usergroup_by( 'id', $usergroup_term->term_id ); + // Run the usergroups through get_usergroup_by() so we load users too + $usergroups = array(); + foreach ( $usergroup_terms as $usergroup_term ) { + $usergroups[] = $this->get_usergroup_by( 'id', $usergroup_term->term_id ); + } + return $usergroups; } - return $usergroups; - } - - /** - * Get all of the data associated with a single usergroup - * Usergroup contains: - * - ID (key = term_id) - * - Slug (prefixed with our special key to avoid conflicts) - * - Name - * - Description - * - User IDs (array of IDs) - * - * @since 0.7 - * - * @param string $field 'id', 'name', or 'slug' - * @param int|string $value Value for the search field - * @return object|array|WP_Error $usergroup Usergroup information as specified by $output - */ - function get_usergroup_by( $field, $value ) { - $usergroup = get_term_by( $field, $value, self::taxonomy_key ); + /** + * Get all of the data associated with a single usergroup + * Usergroup contains: + * - ID (key = term_id) + * - Slug (prefixed with our special key to avoid conflicts) + * - Name + * - Description + * - User IDs (array of IDs) + * + * @since 0.7 + * + * @param string $field 'id', 'name', or 'slug' + * @param int|string $value Value for the search field + * @return object|array|WP_Error $usergroup Usergroup information as specified by $output + */ + public function get_usergroup_by( $field, $value ) { - if ( !$usergroup || is_wp_error( $usergroup ) ) - return $usergroup; + $usergroup = get_term_by( $field, $value, self::taxonomy_key ); - // We're using an encoded description field to store extra values - // Declare $user_ids ahead of time just in case it's empty - $usergroup->user_ids = array(); - $unencoded_description = $this->get_unencoded_description( $usergroup->description ); - if ( is_array( $unencoded_description ) ) { - foreach( $unencoded_description as $key => $value ) { - $usergroup->$key = $value; + if ( ! $usergroup || is_wp_error( $usergroup ) ) { + return $usergroup; } - } - $usergroup = apply_filters( 'ef_usergroup_object', $usergroup ); + // We're using an encoded description field to store extra values + // Declare $user_ids ahead of time just in case it's empty + $usergroup->user_ids = array(); + $unencoded_description = $this->get_unencoded_description( $usergroup->description ); + if ( is_array( $unencoded_description ) ) { + foreach ( $unencoded_description as $key => $value ) { + $usergroup->$key = $value; + } + } - return $usergroup; - } + $usergroup = apply_filters( 'ef_usergroup_object', $usergroup ); - /** - * Create a new usergroup containing: - * - Name - * - Slug (prefixed with our special key to avoid conflicts) - * - Description - * - Users - * - * @since 0.7 - * - * @param array $args Name (optional), slug and description for the usergroup - * @param array $user_ids IDs for the users to be added to the Usergroup - * @return object|WP_Error $usergroup Object for the new Usergroup on success, WP_Error otherwise - */ - function add_usergroup( $args = array(), $user_ids = array() ) { - - if ( !isset( $args['name'] ) ) - return new WP_Error( 'invalid', __( 'New user groups must have a name', 'edit-flow' ) ); - - $name = $args['name']; - $default = array( - 'name' => '', - 'slug' => self::term_prefix . sanitize_title( $name ), - 'description' => '', - ); - $args = array_merge( $default, $args ); - - // Encode our extra fields and then store them in the description field - $args_to_encode = array( - 'description' => $args['description'], - 'user_ids' => array_unique( $user_ids ), - ); - $encoded_description = $this->get_encoded_description( $args_to_encode ); - $args['description'] = $encoded_description; - $usergroup = wp_insert_term( $name, self::taxonomy_key, $args ); - if ( is_wp_error( $usergroup ) ) return $usergroup; + } - return $this->get_usergroup_by( 'id', $usergroup['term_id'] ); - } + /** + * Create a new usergroup containing: + * - Name + * - Slug (prefixed with our special key to avoid conflicts) + * - Description + * - Users + * + * @since 0.7 + * + * @param array $args Name (optional), slug and description for the usergroup + * @param array $user_ids IDs for the users to be added to the Usergroup + * @return object|WP_Error $usergroup Object for the new Usergroup on success, WP_Error otherwise + */ + public function add_usergroup( $args = array(), $user_ids = array() ) { - /** - * Update a usergroup with new data. - * Fields can include: - * - Name - * - Slug (prefixed with our special key, of course) - * - Description - * - Users - * - * @since 0.7 - * - * @param int $id Unique ID for the usergroup - * @param array $args Usergroup meta to update (name, slug, description) - * @param array $users Users to be added to the Usergroup. If set, removes existing users first. - * @return object|WP_Error $usergroup Object for the updated Usergroup on success, WP_Error otherwise - */ - function update_usergroup( $id, $args = array(), $users = null ) { - - $existing_usergroup = $this->get_usergroup_by( 'id', $id ); - if ( is_wp_error( $existing_usergroup ) ) - return new WP_Error( 'invalid', __( "User group doesn't exist.", 'edit-flow' ) ); - - // Encode our extra fields and then store them in the description field - $args_to_encode = array(); - $args_to_encode['description'] = ( isset( $args['description'] ) ) ? $args['description'] : $existing_usergroup->description; - $args_to_encode['user_ids'] = ( is_array( $users ) ) ? $users : $existing_usergroup->user_ids; - $args_to_encode['user_ids'] = array_unique( $args_to_encode['user_ids'] ); - $encoded_description = $this->get_encoded_description( $args_to_encode ); - $args['description'] = $encoded_description; - - $usergroup = wp_update_term( $id, self::taxonomy_key, $args ); - if ( is_wp_error( $usergroup ) ) - return $usergroup; + if ( ! isset( $args['name'] ) ) { + return new WP_Error( 'invalid', __( 'New user groups must have a name', 'edit-flow' ) ); + } - return $this->get_usergroup_by( 'id', $usergroup['term_id'] ); - } + $name = $args['name']; + $default = array( + 'name' => '', + 'slug' => self::term_prefix . sanitize_title( $name ), + 'description' => '', + ); + $args = array_merge( $default, $args ); + + // Encode our extra fields and then store them in the description field + $args_to_encode = array( + 'description' => $args['description'], + 'user_ids' => array_unique( $user_ids ), + ); + $encoded_description = $this->get_encoded_description( $args_to_encode ); + $args['description'] = $encoded_description; + $usergroup = wp_insert_term( $name, self::taxonomy_key, $args ); + if ( is_wp_error( $usergroup ) ) { + return $usergroup; + } - /** - * Delete a usergroup based on its term ID - * - * @since 0.7 - * - * @param int $id Unique ID for the Usergroup - * @param bool|WP_Error Returns true on success, WP_Error on failure - */ - function delete_usergroup( $id ) { + return $this->get_usergroup_by( 'id', $usergroup['term_id'] ); + } - $retval = wp_delete_term( $id, self::taxonomy_key ); - return $retval; - } + /** + * Update a usergroup with new data. + * Fields can include: + * - Name + * - Slug (prefixed with our special key, of course) + * - Description + * - Users + * + * @since 0.7 + * + * @param int $id Unique ID for the usergroup + * @param array $args Usergroup meta to update (name, slug, description) + * @param array $users Users to be added to the Usergroup. If set, removes existing users first. + * @return object|WP_Error $usergroup Object for the updated Usergroup on success, WP_Error otherwise + */ + public function update_usergroup( $id, $args = array(), $users = null ) { - /** - * Add an array of user logins or IDs to a given usergroup - * - * @since 0.7 - * - * @param array $user_ids_or_logins User IDs or logins to be added to the usergroup - * @param int $id Usergroup to perform the action on - * @param bool $reset Delete all of the relationships before adding - * @return bool $success Whether or not we were successful - */ - function add_users_to_usergroup( $user_ids_or_logins, $id, $reset = true ) { + $existing_usergroup = $this->get_usergroup_by( 'id', $id ); + if ( is_wp_error( $existing_usergroup ) ) { + return new WP_Error( 'invalid', __( "User group doesn't exist.", 'edit-flow' ) ); + } - if ( !is_array( $user_ids_or_logins ) ) - return new WP_Error( 'invalid', __( "Invalid users variable. Should be array.", 'edit-flow' ) ); + // Encode our extra fields and then store them in the description field + $args_to_encode = array(); + $args_to_encode['description'] = ( isset( $args['description'] ) ) ? $args['description'] : $existing_usergroup->description; + $args_to_encode['user_ids'] = ( is_array( $users ) ) ? $users : $existing_usergroup->user_ids; + $args_to_encode['user_ids'] = array_unique( $args_to_encode['user_ids'] ); + $encoded_description = $this->get_encoded_description( $args_to_encode ); + $args['description'] = $encoded_description; + + $usergroup = wp_update_term( $id, self::taxonomy_key, $args ); + if ( is_wp_error( $usergroup ) ) { + return $usergroup; + } - // To dump the existing users from a usergroup, we need to pass an empty array - $usergroup = $this->get_usergroup_by( 'id', $id ); - if ( $reset ) { - $retval = $this->update_usergroup( $id, null, array() ); - if ( is_wp_error( $retval ) ) - return $retval; + return $this->get_usergroup_by( 'id', $usergroup['term_id'] ); } - // Add the new users one by one to an array we'll pass back to the usergroup - $new_users = array(); - foreach ( (array)$user_ids_or_logins as $user_id_or_login ) { - if ( !is_numeric( $user_id_or_login ) ) - $new_users[] = get_user_by( 'login', $user_id_or_login )->ID; - else - $new_users[] = (int)$user_id_or_login; - } - $retval = $this->update_usergroup( $id, null, $new_users ); - if ( is_wp_error( $retval ) ) - return $retval; - return true; - } + /** + * Delete a usergroup based on its term ID + * + * @since 0.7 + * + * @param int $id Unique ID for the Usergroup + * @param bool|WP_Error Returns true on success, WP_Error on failure + */ + public function delete_usergroup( $id ) { - /** - * Add a given user to a Usergroup. Can use User ID or user login - * - * @since 0.7 - * - * @param int|string $user_id_or_login User ID or login to be added to the Usergroups - * @param int|array $ids ID for the Usergroup(s) - * @return bool|WP_Error $retval Return true on success, WP_Error on error - */ - function add_user_to_usergroup( $user_id_or_login, $ids ) { - - if ( !is_numeric( $user_id_or_login ) ) - $user_id = get_user_by( 'login', $user_id_or_login )->ID; - else - $user_id = (int)$user_id_or_login; - - foreach( (array)$ids as $usergroup_id ) { - $usergroup = $this->get_usergroup_by( 'id', $usergroup_id ); - $usergroup->user_ids[] = $user_id; - $retval = $this->update_usergroup( $usergroup_id, null, $usergroup->user_ids ); - if ( is_wp_error( $retval ) ) - return $retval; + $retval = wp_delete_term( $id, self::taxonomy_key ); + return $retval; } - return true; - } - /** - * Remove a given user from one or more usergroups - * - * @since 0.7 - * - * @param int|string $user_id_or_login User ID or login to be removed from the Usergroups - * @param int|array $ids ID for the Usergroup(s) - * @return bool|WP_Error $retval Return true on success, WP_Error on error - */ - function remove_user_from_usergroup( $user_id_or_login, $ids ) { - - if ( !is_numeric( $user_id_or_login ) ) - $user_id = get_user_by( 'login', $user_id_or_login )->ID; - else - $user_id = (int)$user_id_or_login; - - // Remove the user from each usergroup specified - foreach( (array)$ids as $usergroup_id ) { - $usergroup = $this->get_usergroup_by( 'id', $usergroup_id ); - // @todo I bet there's a PHP function for this I couldn't look up at 35,000 over the Atlantic - foreach( $usergroup->user_ids as $key => $usergroup_user_id ) { - if ( $usergroup_user_id == $user_id ) - unset( $usergroup->user_ids[$key] ); - } - $retval = $this->update_usergroup( $usergroup_id, null, $usergroup->user_ids ); - if ( is_wp_error( $retval ) ) + /** + * Add an array of user logins or IDs to a given usergroup + * + * @since 0.7 + * + * @param array $user_ids_or_logins User IDs or logins to be added to the usergroup + * @param int $id Usergroup to perform the action on + * @param bool $reset Delete all of the relationships before adding + * @return bool $success Whether or not we were successful + */ + public function add_users_to_usergroup( $user_ids_or_logins, $id, $reset = true ) { + + if ( ! is_array( $user_ids_or_logins ) ) { + return new WP_Error( 'invalid', __( 'Invalid users variable. Should be array.', 'edit-flow' ) ); + } + + // To dump the existing users from a usergroup, we need to pass an empty array + $usergroup = $this->get_usergroup_by( 'id', $id ); + if ( $reset ) { + $retval = $this->update_usergroup( $id, null, array() ); + if ( is_wp_error( $retval ) ) { + return $retval; + } + } + + // Add the new users one by one to an array we'll pass back to the usergroup + $new_users = array(); + foreach ( (array) $user_ids_or_logins as $user_id_or_login ) { + if ( ! is_numeric( $user_id_or_login ) ) { + $new_users[] = get_user_by( 'login', $user_id_or_login )->ID; + } else { + $new_users[] = (int) $user_id_or_login; + } + } + $retval = $this->update_usergroup( $id, null, $new_users ); + if ( is_wp_error( $retval ) ) { return $retval; + } + return true; } - return true; - } + /** + * Add a given user to a Usergroup. Can use User ID or user login + * + * @since 0.7 + * + * @param int|string $user_id_or_login User ID or login to be added to the Usergroups + * @param int|array $ids ID for the Usergroup(s) + * @return bool|WP_Error $retval Return true on success, WP_Error on error + */ + public function add_user_to_usergroup( $user_id_or_login, $ids ) { - /** - * Get all of the Usergroup ids or objects for a given user - * - * @since 0.7 - * - * @param int|string $user_id_or_login User ID or login to search against - * @param array $ids_or_objects Whether to retrieve an array of IDs or usergroup objects - * @param array|bool $usergroup_objects_or_ids Array of usergroup 'ids' or 'objects', false if none - */ - function get_usergroups_for_user( $user_id_or_login, $ids_or_objects = 'ids' ) { - - if ( !is_numeric( $user_id_or_login ) ) - $user_id = get_user_by( 'login', $user_id_or_login )->ID; - else - $user_id = (int)$user_id_or_login; - - // Unfortunately, the easiest way to do this is get all usergroups - // and then loop through each one to see if the user ID is stored - $all_usergroups = $this->get_usergroups(); - if ( !empty( $all_usergroups) ) { - $usergroup_objects_or_ids = array(); - foreach( $all_usergroups as $usergroup ) { - // Not in this usergroup, so keep going - if ( !in_array( $user_id, $usergroup->user_ids ) ) - continue; - if ( $ids_or_objects == 'ids' ) - $usergroup_objects_or_ids[] = (int)$usergroup->term_id; - else if ( $ids_or_objects == 'objects' ) - $usergroup_objects_or_ids[] = $usergroup; - } - return $usergroup_objects_or_ids; - } else { - return false; + if ( ! is_numeric( $user_id_or_login ) ) { + $user_id = get_user_by( 'login', $user_id_or_login )->ID; + } else { + $user_id = (int) $user_id_or_login; + } + + foreach ( (array) $ids as $usergroup_id ) { + $usergroup = $this->get_usergroup_by( 'id', $usergroup_id ); + $usergroup->user_ids[] = $user_id; + $retval = $this->update_usergroup( $usergroup_id, null, $usergroup->user_ids ); + if ( is_wp_error( $retval ) ) { + return $retval; + } + } + return true; } - } -} + /** + * Remove a given user from one or more usergroups + * + * @since 0.7 + * + * @param int|string $user_id_or_login User ID or login to be removed from the Usergroups + * @param int|array $ids ID for the Usergroup(s) + * @return bool|WP_Error $retval Return true on success, WP_Error on error + */ + public function remove_user_from_usergroup( $user_id_or_login, $ids ) { -} + if ( ! is_numeric( $user_id_or_login ) ) { + $user_id = get_user_by( 'login', $user_id_or_login )->ID; + } else { + $user_id = (int) $user_id_or_login; + } + // Remove the user from each usergroup specified + foreach ( (array) $ids as $usergroup_id ) { + $usergroup = $this->get_usergroup_by( 'id', $usergroup_id ); + // @todo I bet there's a PHP function for this I couldn't look up at 35,000 over the Atlantic + foreach ( $usergroup->user_ids as $key => $usergroup_user_id ) { + if ( $usergroup_user_id == $user_id ) { + unset( $usergroup->user_ids[ $key ] ); + } + } + $retval = $this->update_usergroup( $usergroup_id, null, $usergroup->user_ids ); + if ( is_wp_error( $retval ) ) { + return $retval; + } + } + return true; + } -if ( !class_exists( 'EF_Usergroups_List_Table' ) ) { -/** - * Usergroups uses WordPress' List Table API for generating the Usergroup management table - * - * @since 0.7 - */ -class EF_Usergroups_List_Table extends WP_List_Table -{ + /** + * Get all of the Usergroup ids or objects for a given user + * + * @since 0.7 + * + * @param int|string $user_id_or_login User ID or login to search against + * @param array $ids_or_objects Whether to retrieve an array of IDs or usergroup objects + * @param array|bool $usergroup_objects_or_ids Array of usergroup 'ids' or 'objects', false if none + */ + public function get_usergroups_for_user( $user_id_or_login, $ids_or_objects = 'ids' ) { - var $callback_args; + if ( ! is_numeric( $user_id_or_login ) ) { + $user_id = get_user_by( 'login', $user_id_or_login )->ID; + } else { + $user_id = (int) $user_id_or_login; + } - function __construct() { + // Unfortunately, the easiest way to do this is get all usergroups + // and then loop through each one to see if the user ID is stored + $all_usergroups = $this->get_usergroups(); + if ( ! empty( $all_usergroups ) ) { + $usergroup_objects_or_ids = array(); + foreach ( $all_usergroups as $usergroup ) { + // Not in this usergroup, so keep going + if ( ! in_array( $user_id, $usergroup->user_ids ) ) { + continue; + } + if ( 'ids' == $ids_or_objects ) { + $usergroup_objects_or_ids[] = (int) $usergroup->term_id; + } else if ( 'objects' == $ids_or_objects ) { + $usergroup_objects_or_ids[] = $usergroup; + } + } + return $usergroup_objects_or_ids; + } else { + return false; + } + } + } - parent::__construct( array( - 'plural' => 'user groups', - 'singular' => 'user group', - 'ajax' => true - ) ); +} - } +// phpcs:disable Generic.Files.OneObjectStructurePerFile.MultipleFound +if ( ! class_exists( 'EF_Usergroups_List_Table' ) ) { /** - * @todo Paginate if we have a lot of usergroups + * Usergroups uses WordPress' List Table API for generating the Usergroup management table * * @since 0.7 */ - function prepare_items() { - global $edit_flow; + class EF_Usergroups_List_Table extends WP_List_Table { - $columns = $this->get_columns(); - $hidden = array(); - $sortable = array(); - $this->_column_headers = array( $columns, $hidden, $sortable ); + protected $callback_args; - $this->items = $edit_flow->user_groups->get_usergroups(); + public function __construct() { - $this->set_pagination_args( array( - 'total_items' => count( $this->items ), - 'per_page' => count( $this->items ), - ) ); - } + parent::__construct( array( + 'plural' => 'user groups', + 'singular' => 'user group', + 'ajax' => true, + ) ); + } - /** - * Message to be displayed when there are no usergroups - * - * @since 0.7 - */ - function no_items() { - _e( 'No user groups found.', 'edit-flow' ); - } + /** + * @todo Paginate if we have a lot of usergroups + * + * @since 0.7 + */ + public function prepare_items() { + global $edit_flow; - /** - * Columns in our Usergroups table - * - * @since 0.7 - */ - function get_columns() { + $columns = $this->get_columns(); + $hidden = array(); + $sortable = array(); - $columns = array( - 'name' => __( 'Name', 'edit-flow' ), - 'description' => __( 'Description', 'edit-flow' ), - 'users' => __( 'Users in Group', 'edit-flow' ), - ); + $this->_column_headers = array( $columns, $hidden, $sortable ); - return $columns; - } + $this->items = $edit_flow->user_groups->get_usergroups(); - /** - * Process the Usergroup column value for all methods that aren't registered - * - * @since 0.7 - */ - function column_default( $usergroup, $column_name ) { - - - } + $this->set_pagination_args( array( + 'total_items' => count( $this->items ), + 'per_page' => count( $this->items ), + ) ); + } - /** - * Process the Usergroup name column value. - * Displays the name of the Usergroup, and action links - * - * @since 0.7 - */ - function column_name( $usergroup ) { - global $edit_flow; + /** + * Message to be displayed when there are no usergroups + * + * @since 0.7 + */ + public function no_items() { + _e( 'No user groups found.', 'edit-flow' ); + } - // @todo direct edit link - $output = '' . esc_html( $usergroup->name ) . ''; + /** + * Columns in our Usergroups table + * + * @since 0.7 + */ + public function get_columns() { - $actions = array(); - $actions['edit edit-usergroup'] = sprintf( '' . __( 'Edit', 'edit-flow' ) . '', $edit_flow->user_groups->get_link( array( 'action' => 'edit-usergroup', 'usergroup-id' => $usergroup->term_id ) ) ); - $actions['inline hide-if-no-js'] = '' . __( 'Quick Edit' ) . ''; - $actions['delete delete-usergroup'] = sprintf( '' . __( 'Delete', 'edit-flow' ) . '', $edit_flow->user_groups->get_link( array( 'action' => 'delete-usergroup', 'usergroup-id' => $usergroup->term_id ) ) ); + $columns = array( + 'name' => __( 'Name', 'edit-flow' ), + 'description' => __( 'Description', 'edit-flow' ), + 'users' => __( 'Users in Group', 'edit-flow' ), + ); - $output .= $this->row_actions( $actions, false ); - $output .= ''; + return $columns; + } - return $output; + /** + * Process the Usergroup column value for all methods that aren't registered + * + * @since 0.7 + */ + public function column_default( $usergroup, $column_name ) { + } - } + /** + * Process the Usergroup name column value. + * Displays the name of the Usergroup, and action links + * + * @since 0.7 + */ + public function column_name( $usergroup ) { + global $edit_flow; + + // @todo direct edit link + $output = '' . esc_html( $usergroup->name ) . ''; + + $actions = array(); + $actions['edit edit-usergroup'] = sprintf( '' . __( 'Edit', 'edit-flow' ) . '', $edit_flow->user_groups->get_link( array( + 'action' => 'edit-usergroup', + 'usergroup-id' => $usergroup->term_id, + ) ) ); + $actions['inline hide-if-no-js'] = '' . __( 'Quick Edit' ) . ''; + $actions['delete delete-usergroup'] = sprintf( '' . __( 'Delete', 'edit-flow' ) . '', $edit_flow->user_groups->get_link( array( + 'action' => 'delete-usergroup', + 'usergroup-id' => $usergroup->term_id, + ) ) ); + + $output .= $this->row_actions( $actions, false ); + $output .= ''; + + return $output; + } - /** - * Handle the 'description' column for the table of Usergroups - * Don't need to unencode this because we already did when the usergroup was loaded - * - * @since 0.7 - */ - function column_description( $usergroup ) { - return esc_html( $usergroup->description ); - } + /** + * Handle the 'description' column for the table of Usergroups + * Don't need to unencode this because we already did when the usergroup was loaded + * + * @since 0.7 + */ + public function column_description( $usergroup ) { + return esc_html( $usergroup->description ); + } - /** - * Show the "Total Users" in a given usergroup - * - * @since 0.7 - */ - function column_users( $usergroup ) { - global $edit_flow; - return '' . count( $usergroup->user_ids ) . ''; - } + /** + * Show the "Total Users" in a given usergroup + * + * @since 0.7 + */ + public function column_users( $usergroup ) { + global $edit_flow; + return '' . count( $usergroup->user_ids ) . ''; + } - /** - * Prepare a single row of information about a usergroup - * - * @since 0.7 - */ - function single_row( $usergroup ) { - static $row_class = ''; - $row_class = ( $row_class == '' ? ' class="alternate"' : '' ); + /** + * Prepare a single row of information about a usergroup + * + * @since 0.7 + */ + public function single_row( $usergroup ) { + static $row_class = ''; + $row_class = ( '' == $row_class ? ' class="alternate"' : '' ); - echo ''; - echo $this->single_row_columns( $usergroup ); - echo ''; - } + echo wp_kses_post( '' ); + echo wp_kses_post( $this->single_row_columns( $usergroup ) ); + echo ''; + } - /** - * If we use this form, we can have inline editing! - * - * @since 0.7 - */ - function inline_edit() { - global $edit_flow; -?> + /** + * If we use this form, we can have inline editing! + * + * @since 0.7 + */ + public function inline_edit() { + global $edit_flow; + ?>
    -
    - + + + + + + + + + + + + + + + + + + . */node_modules/* - */nodeapp/* */vendor/* - */wordpress/* + */tests/* diff --git a/vipgo-helper.php b/vipgo-helper.php index be0166473..5603fe950 100644 --- a/vipgo-helper.php +++ b/vipgo-helper.php @@ -9,10 +9,18 @@ * them via filters. */ add_filter( 'ef_kill_add_caps_to_role', '__return_true' ); -add_filter( 'ef_view_calendar_cap', function() {return 'edit_posts'; } ); -add_filter( 'ef_view_story_budget_cap', function() { return 'edit_posts'; } ); -add_filter( 'ef_edit_post_subscriptions_cap', function() { return 'edit_others_posts'; } ); -add_filter( 'ef_manage_usergroups_cap', function() { return 'manage_options'; } ); +add_filter( 'ef_view_calendar_cap', function () { + return 'edit_posts'; +} ); +add_filter( 'ef_view_story_budget_cap', function () { + return 'edit_posts'; +} ); +add_filter( 'ef_edit_post_subscriptions_cap', function () { + return 'edit_others_posts'; +} ); +add_filter( 'ef_manage_usergroups_cap', function () { + return 'manage_options'; +} ); /** * Edit Flow loads modules after plugins_loaded, which has already been fired when loading via wpcom_vip_load_plugins diff --git a/wpcom-helper.php b/wpcom-helper.php index 519b5eb93..7bd595d2c 100644 --- a/wpcom-helper.php +++ b/wpcom-helper.php @@ -9,10 +9,18 @@ * them with the WP.com + core caps approach */ add_filter( 'ef_kill_add_caps_to_role', '__return_true' ); -add_filter( 'ef_view_calendar_cap', function() { return 'edit_posts'; } ); -add_filter( 'ef_view_story_budget_cap', function() { return 'edit_posts'; } ); -add_filter( 'ef_edit_post_subscriptions_cap', function() { return 'edit_others_posts'; } ); -add_filter( 'ef_manage_usergroups_cap', function() { return 'manage_options'; } ); +add_filter( 'ef_view_calendar_cap', function () { + return 'edit_posts'; +} ); +add_filter( 'ef_view_story_budget_cap', function () { + return 'edit_posts'; +} ); +add_filter( 'ef_edit_post_subscriptions_cap', function () { + return 'edit_others_posts'; +} ); +add_filter( 'ef_manage_usergroups_cap', function () { + return 'manage_options'; +} ); /** * Edit Flow loads modules after plugins_loaded, which has already been fired on WP.com @@ -52,4 +60,4 @@ function edit_flow_fix_fix_post_name( $post ) { } return $post; -} \ No newline at end of file +}