AnkietyGO/user-private-files/user-private-files.php

664 lines
22 KiB
PHP
Raw Normal View History

<?php
/*
Plugin Name: User Private Files 1.1
Description: Plugin to manage private files for users. You can upload files for your users to access, files are only viewable/downloadable for the designated users.
Author: Hai Bui - FLDtrace team
Author URI: http://www.fldtrace.com
License: GPL
Version: 1.1
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License, version 2, as
published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
//*********** install/uninstall actions ********************//
register_activation_hook(__FILE__,'upf_install');
register_deactivation_hook(__FILE__, 'upf_uninstall');
function upf_install(){
upf_uninstall();//force to uninstall option
add_option('upf_email_subject','Przesłano nowy plik');//New File Upload
add_option('upf_email_message',"Witaj %user_login%,\nPrzesłano dla Ciebie nowy plik o nazwie %filename%, możesz go pobrać na stronie %download_url%\nDo zobaczenia!");//Hello %user_login%,\nYou have a new file upload. The file name is %filename%, you can download it here %download_url%
}
function upf_uninstall(){
delete_option('upf_email_subject');
delete_option('upf_email_message');
}
//*********** end of install/uninstall actions ********************//
function upf_init() {
load_plugin_textdomain('user-private-files');
}
add_action('init', 'upf_init');
add_action('admin_menu', 'upf_menu');
function upf_menu() {
add_submenu_page( 'edit.php?post_type=userfile', 'User Private Files', 'Settings', 'manage_options', 'upf_options', 'upf_options');
}
function upf_options() {
if (!current_user_can('manage_options')) {
wp_die( __('You do not have sufficient permissions to access this page.', 'user-private-files') );
}
if (!empty($_POST['update'])) {
if($_POST['upf_email_subject'] ) {
update_option('upf_email_subject',$_POST['upf_email_subject'] );
}
if($_POST['upf_email_message'] ) {
update_option('upf_email_message',esc_attr($_POST['upf_email_message']) );
}
?>
<div class="updated settings-error" id="setting-error-settings_updated"><p><strong><?php _e('Ustawienia zapisane', 'user-private-files');?>.</strong></p></div><!--Settings Saved-->
<?php
}
$upf_email_subject = get_option('upf_email_subject');
$upf_email_message = get_option('upf_email_message');
?>
<div class="wrap">
<h2><?php _e('Ustawienia plików użytkownika', 'user-private-files');?></h2><!--User Private Files Settings-->
<form method="POST" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
<h3><?php _e('Notyfikacja', 'user-private-files');?></h3><!--Notification-->
<table class="form-table">
<tbody>
<tr valign="top">
<th scope="row"><label for="upf_email_subject"><?php _e('Temat wiadomości email:', 'user-private-files');?></label></th><!--Email Subject:-->
<td><input type="text" class="regular-text" name="upf_email_subject" id="upf_email_subject" value="<?php echo $upf_email_subject; ?>"></td>
</tr>
<tr valign="top">
<th scope="row"><label for="upf_email_subject"><?php _e('Treść wiadomości email:', 'user-private-files');?></label></th><!--Email Message-->
<td>
<textarea name="upf_email_message" class="regular-text" rows="5" cols="50"><?php echo $upf_email_message; ?></textarea>
<p class="description"><?php _e('Dostępne zmienne: ', 'user-private-files');?> <br/><strong>%blogname%, %siteurl%, %user_login%, %filename%, %download_url%, %category%</strong></p> <!--Available Variables-->
</td>
</tr>
</tbody>
</table>
<input type="hidden" name="update" value="update">
<p class="submit"><input type="submit" value="<?php _e('Zapisz zmiany', 'user-private-files');?>" class="button-primary" id="submit" name="submit"></p><!--Save Changes-->
</form>
</div>
<?php
}
add_action( 'init', 'upf_register_cpt_userfile' );
function upf_register_cpt_userfile() {
$labels = array(
'name' => _x( 'Pliki użytkowników', 'userfile' ),//User Files
'singular_name' => _x( 'Plik użytkownika', 'userfile' ),//User File
'add_new' => _x( 'Dodaj nowy', 'userfile' ),//Add New
'add_new_item' => _x( 'Dodaj nowy plik użytkownika', 'userfile' ),//Add New User File
'edit_item' => _x( 'Zedytuj plik użytkownika', 'userfile' ),//Edit User File
'new_item' => _x( 'Nowy plik użytkownika', 'userfile' ),//New User File
'view_item' => _x( 'Wyświetl plik użytkownika', 'userfile' ),//View User File
'search_items' => _x( 'Wyszukaj pliki użytkownika', 'userfile' ),//Search User Files
'not_found' => _x( 'Nie znaleziono plików użytkownika', 'userfile' ),//No user files found
'not_found_in_trash' => _x( 'Nie znaleziono plików użytkownika w koszu', 'userfile' ),//No user files found in Trash
'parent_item_colon' => _x( 'Plik użytkownika "Rodzica"', 'userfile' ),//Parent User File:
'menu_name' => _x( 'Pliki użytkownika', 'userfile' ),//User Files
);
$args = array(
'labels' => $labels,
'hierarchical' => false,
'supports' => array( 'title', 'author', 'editor' ),
'taxonomies' => array( 'file_categories' ),
'public' => true,
'show_ui' => true,
'show_in_menu' => true,
'show_in_nav_menus' => false,
'publicly_queryable' => true,
'exclude_from_search' => true,
'has_archive' => false,
'query_var' => true,
'can_export' => false,
'rewrite' => false,
'capabilities' => array(
'edit_post' => 'update_core',
'edit_posts' => 'update_core',
'edit_others_posts' => 'update_core',
'publish_posts' => 'update_core',
'read_post' => 'update_core',
'read_private_posts' => 'update_core',
'delete_post' => 'update_core'
)
);
register_post_type( 'userfile', $args );
}
add_action( 'init', 'upf_register_taxonomy_file_categories' );
function upf_register_taxonomy_file_categories() {
$labels = array(
'name' => _x( 'Kategorie', 'file_categories' ),//Categories
'singular_name' => _x( 'Kategoria', 'file_categories' ),//Category
'search_items' => _x( 'Wyszukaj kategorie', 'file_categories' ),//Search Categories
'popular_items' => _x( 'Popularne kategorie', 'file_categories' ),//Popular Categories
'all_items' => _x( 'Wszystkie kategorie', 'file_categories' ),//All Categories
'parent_item' => _x( 'Kategoria "Rodzica"', 'file_categories' ),//Parent Category
'parent_item_colon' => _x( 'Kategoria "Rodzica":', 'file_categories' ),//Parent Category
'edit_item' => _x( 'Edytuj kategorie', 'file_categories' ),//Edit Category
'update_item' => _x( 'Zaktualizuj kategorie', 'file_categories' ),//Update Category
'add_new_item' => _x( 'Dodaj nową kategorię', 'file_categories' ),//Add New Category
'new_item_name' => _x( 'Nowa kategoria', 'file_categories' ),//New Category
'separate_items_with_commas' => _x( 'Oddziel kategorie przecinkami', 'file_categories' ),//Separate categories with commas
'add_or_remove_items' => _x( 'Dodaj lub usuń kategorię', 'file_categories' ),//Add or remove categories
'choose_from_most_used' => _x( 'Wybierz z najczęściej wykorzystywanych kategorii', 'file_categories' ),//Choose from the most used categories
'menu_name' => _x( 'Kategorie', 'file_categories' ),//Categories
);
$args = array(
'labels' => $labels,
'public' => true,
'show_in_nav_menus' => false,
'show_ui' => true,
'show_tagcloud' => false,
'hierarchical' => true,
'rewrite' => false,
'query_var' => true
);
register_taxonomy( 'file_categories', array('userfile'), $args );
}
// Register the column
function upf_user_column_register( $columns ) {
$columns['user'] = __( 'User', 'user-private-files' );
return $columns;
}
add_filter( 'manage_edit-userfile_columns', 'upf_user_column_register' );
// Display the column content
function upf_user_column_display( $column_name, $post_id ) {
if ( 'user' != $column_name )
return;
$username = get_post_meta($post_id, 'upf_user', true);
echo $username;
}
add_action( 'manage_userfile_posts_custom_column', 'upf_user_column_display', 10, 2 );
// Register the column as sortable
function upf_user_column_register_sortable( $columns ) {
$columns['user'] = 'user';
return $columns;
}
add_filter( 'manage_edit-userfile_sortable_columns', 'upf_user_column_register_sortable' );
function upf_user_column_orderby( $vars ) {
if ( isset( $vars['orderby'] ) && 'user' == $vars['orderby'] ) {
$vars = array_merge( $vars, array(
'meta_key' => 'upf_user',
'orderby' => 'meta_value'
) );
}
return $vars;
}
add_filter( 'request', 'upf_user_column_orderby' );
add_filter('get_sample_permalink_html', 'upf_hide_sample_permalink', '',4);
function upf_hide_sample_permalink($return, $id, $new_title, $new_slug){
global $post;
if ($post->post_type == 'userfile') {
$return = '';
}
return $return;
}
function upf_get_user_dir($user_id) {
if (empty($user_id)) return false;
$dir = get_user_meta($user_id, 'upf_dir', true);
if (empty($dir)) {
$dir = uniqid($user_id.'_');
add_user_meta( $user_id, 'upf_dir', $dir );
}
return $dir;
}
add_action( 'post_edit_form_tag' , 'upf_post_edit_form_tag' );
function upf_post_edit_form_tag() {
global $post;
// if invalid $post object or post type is not 'userfile', return
if(!$post || get_post_type($post->ID) != 'userfile') return;
echo ' enctype="multipart/form-data" autocomplete="off"';
}
add_action('admin_menu', 'upf_meta_box');
function upf_meta_box() {
add_meta_box('userfile', __('User File', 'user-private-files'), 'upf_meta_fields', 'userfile', 'normal', 'high');
}
function upf_meta_fields() {
global $post;
wp_nonce_field(plugin_basename(__FILE__), 'wp_upf_nonce');
$upf_file = get_post_meta($post->ID, 'upf_file', true);
if (!empty($upf_file)) { ?>
<p><?php _e('Current file:', 'user-private-files');?> <a href="<?php echo $upf_file['url'];?>" target="_blank"><?php echo basename($upf_file['file']);?></a></p>
<?php
}
?>
<p class="label"><label for="upf_file"><?php _e('Prześlij plik PDF tutaj', 'user-private-files');?></label></p><!--Upload a PDF file here-->
<p><input type="file" name="upf_file" id="upf_file" /></p>
<p class="label"><label for="upf_user"><?php _e('Wybierz użytkownika', 'user-private-files');?></label></p><!--Select a user-->
<select name="upf_user" id="upf_user">
<?php
$users = get_users();
$upf_user = get_post_meta($post->ID, 'upf_user', true);
foreach ($users as $user) { ?>
<option value="<?php echo $user->ID;?>" <?php if ($upf_user == $user->user_login) echo 'selected="selected"';?>><?php echo $user->user_login;?></option>
<?php
}
?>
</select>
<p class="label"><input type="checkbox" name="upf_notify" value="1"> <label for="upf_notify"><?php _e('Powiadom użytkownika', 'user-private-files');?></label></p><!--Notify User-->
<?php
}
add_action('save_post', 'upf_save_post');
function upf_save_post($post_id, $post = null) {
global $post;
/* --- security verification --- */
if(!wp_verify_nonce($_POST['wp_upf_nonce'], plugin_basename(__FILE__)))
return $post_id;
if(defined('DOING_AUTOSAVE') && DOING_AUTOSAVE)
return $post_id;
// if invalid $post object or post type is not 'userfile', return
if(!$post || get_post_type($post->ID) != 'userfile') return;
$user_info = get_userdata($_POST['upf_user']);
add_post_meta($post_id, 'upf_user', $user_info->user_login);
update_post_meta($post_id, 'upf_user', $user_info->user_login);
// Make sure the file array isn't empty
if(!empty($_FILES['upf_file']['name'])) {
// Setup the array of supported file types. In this case, it's just PDF.
$supported_types = array('application/pdf');
// Get the file type of the upload
$arr_file_type = wp_check_filetype(basename($_FILES['upf_file']['name']));
$uploaded_type = $arr_file_type['type'];
// Check if the type is supported. If not, throw an error.
if(in_array($uploaded_type, $supported_types)) {
$upf_file = get_post_meta($post_id, 'upf_file', true);
if ($upf_file) {
$upf_file_path = WP_CONTENT_DIR.'/userfiles/'.$upf_file['file'];
if (file_exists($upf_file_path)) unlink($upf_file_path);
}
// Use the WordPress API to upload the file
$upload = wp_handle_upload( $_FILES['upf_file'], array( 'test_form' => false ) );
if(isset($upload['error']) && $upload['error'] != 0) {
wp_die(__('There was an error uploading your file. The error is: ' . $upload['error'], 'user-private-files'));
} else {
// Update custom field
$upload['file'] = substr($upload['file'],stripos($upload['file'],'wp-content/userfiles/')+21);
add_post_meta($post_id, 'upf_file', $upload);
update_post_meta($post_id, 'upf_file', $upload);
} // end if/else
} else {
wp_die(__("The file type that you've uploaded is not a PDF.", 'user-private-files'));
} // end if/else
} // end if
if ($_POST['upf_notify'] == '1') {
$upf_file = get_post_meta($post_id, 'upf_file', true);
$email_subject = get_option('upf_email_subject');
$email_msg = get_option('upf_email_message');
$email_msg = str_replace('%blogname%', get_bloginfo('name'), $email_msg);
$email_msg = str_replace('%siteurl%', get_bloginfo('url'), $email_msg);
$email_msg = str_replace('%user_login%', $user_info->user_login, $email_msg);
$email_msg = str_replace('%filename%', basename($upf_file['file']), $email_msg);
$email_msg = str_replace('%download_url%', get_bloginfo('url').'/?upf=dl&id='.$post_id, $email_msg);
$cats = wp_get_post_terms($post_id, 'file_categories', array("fields" => "names"));
$email_msg = str_replace('%category%', implode(", ", $cats), $email_msg);
$headers[] ='From: "'.htmlspecialchars_decode(get_bloginfo('name'), ENT_QUOTES).'" <'.get_option('admin_email').'>';
wp_mail($user_info->user_email, $email_subject, $email_msg, $headers);
}
}
add_filter( 'upload_dir', 'upf_custom_upload_dir' );
function upf_custom_upload_dir( $default_dir ) {
if ( ! isset( $_POST['post_ID'] ) || $_POST['post_ID'] < 0 )
return $default_dir;
if ( ! isset( $_POST['upf_user'] ) )
return $default_dir;
if ( $_POST['post_type'] != 'userfile' )
return $default_dir;
$dir = WP_CONTENT_DIR . '/userfiles';
$url = WP_CONTENT_URL . '/userfiles';
$bdir = $dir;
$burl = $url;
$subdir = '/'.upf_get_user_dir($_POST['upf_user']);
$dir .= $subdir;
$url .= $subdir;
$custom_dir = array(
'path' => $dir,
'url' => $url,
'subdir' => $subdir,
'basedir' => $bdir,
'baseurl' => $burl,
'error' => false,
);
return $custom_dir;
}
add_action('init', 'upf_get_download');
function upf_get_download() {
if (isset($_GET['upf']) && isset($_GET['id'])) {
if (is_user_logged_in()) {
global $current_user;
get_currentuserinfo();
// if the file was not assigned to the current user, return
if (get_post_meta($_GET['id'], 'upf_user', true) != $current_user->user_login) return;
$upf_file = get_post_meta($_GET['id'], 'upf_file', true);
$upf_file_path = WP_CONTENT_DIR.'/userfiles/'.$upf_file['file'];
$upf_file_name = substr($upf_file['file'], stripos($upf_file['file'], '/')+1);
set_time_limit(0);
$action = $_GET['upf']=='vw'?'view':'download';
output_file($upf_file_path, $upf_file_name, $upf_file['type'], $action);
}
else {
wp_redirect(wp_login_url($_SERVER['REQUEST_URI']));
exit;
}
}
}
/*DOWNLOAD FUNCTION */
function output_file($file, $name, $mime_type='', $action = 'download') {
if(!is_readable($file)) {
//die('File not found or inaccessible!<br />'.$file.'<br /> '.$name);
return;
}
$size = filesize($file);
$name = rawurldecode($name);
$known_mime_types=array(
"pdf" => "application/pdf",
"txt" => "text/plain",
"html" => "text/html",
"htm" => "text/html",
"exe" => "application/octet-stream",
"zip" => "application/zip",
"doc" => "application/msword",
"xls" => "application/vnd.ms-excel",
"ppt" => "application/vnd.ms-powerpoint",
"gif" => "image/gif",
"png" => "image/png",
"jpeg"=> "image/jpg",
"jpg" => "image/jpg",
"php" => "text/plain"
);
if($mime_type==''){
$file_extension = strtolower(substr(strrchr($file,"."),1));
if(array_key_exists($file_extension, $known_mime_types)){
$mime_type=$known_mime_types[$file_extension];
} else {
$mime_type="application/force-download";
};
};
@ob_end_clean(); //turn off output buffering to decrease cpu usage
// required for IE, otherwise Content-Disposition may be ignored
if(ini_get('zlib.output_compression'))
ini_set('zlib.output_compression', 'Off');
header('Content-Type: ' . $mime_type);
if ($action == 'download') header('Content-Disposition: attachment; filename="'.$name.'"');
else header('Content-Disposition: inline; filename="'.$name.'"');
header("Content-Transfer-Encoding: binary");
header('Accept-Ranges: bytes');
/* The three lines below basically make the download non-cacheable */
header("Cache-control: private");
header('Pragma: private');
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
// multipart-download and download resuming support
if(isset($_SERVER['HTTP_RANGE']))
{
list($a, $range) = explode("=",$_SERVER['HTTP_RANGE'],2);
list($range) = explode(",",$range,2);
list($range, $range_end) = explode("-", $range);
$range=intval($range);
if(!$range_end) {
$range_end=$size-1;
} else {
$range_end=intval($range_end);
}
$new_length = $range_end-$range+1;
header("HTTP/1.1 206 Partial Content");
header("Content-Length: $new_length");
header("Content-Range: bytes $range-$range_end/$size");
} else {
$new_length=$size;
header("Content-Length: ".$size);
}
/* output the file itself */
$chunksize = 1*(1024*1024); //you may want to change this
$bytes_send = 0;
if ($file = fopen($file, 'r'))
{
if(isset($_SERVER['HTTP_RANGE']))
fseek($file, $range);
while(!feof($file) && (!connection_aborted()) && ($bytes_send<$new_length)) {
$buffer = fread($file, $chunksize);
print($buffer); //echo($buffer); // is also possible
flush();
$bytes_send += strlen($buffer);
}
fclose($file);
}
else die('Error - can not open file.');
die();
}
function upf_list_user_files() {
if (!is_user_logged_in()) return;
global $current_user;
get_currentuserinfo();
$current_url = get_permalink();
if (strpos($current_url,'?') !== false) $current_url .= '&';
else $current_url .= '?';
ob_start();
?>
<div class="filter clearfix">
<form action="<?php the_permalink();?>" method="post" autocomplete="off">
<select name="upf_year">
<option value=""><?php _e('Show all years', 'user-private-files');?></option>
<?php
global $wpdb;
$years = $wpdb->get_col("SELECT DISTINCT YEAR(post_date)
FROM $wpdb->posts wposts, $wpdb->postmeta wpostmeta
WHERE wposts.ID = wpostmeta.post_id
AND wposts.post_type = 'userfile'
AND wpostmeta.meta_key = 'upf_user'
AND wpostmeta.meta_value = '$current_user->user_login'
ORDER BY post_date DESC");
foreach($years as $year) { ?>
<option <?php if (isset($_POST['upf_year']) && $_POST['upf_year']==$year) echo 'selected="selected"';?>><?php echo $year; ?></option>
<?php
}
?>
</select>
<select name="upf_cat">
<option value=""><?php _e('Show all categories', 'user-private-files');?></option>
<?php
$cats = get_terms('file_categories');
foreach($cats as $cat) { ?>
<option value="<?php echo $cat->slug;?>" <?php if (isset($_POST['upf_cat']) && $_POST['upf_cat']==$cat->slug) echo 'selected="selected"';?>><?php echo $cat->name;?></option>
<?php
}
?>
</select>
<input type="submit" value="<?php _e('Filter', 'user-private-files');?>" />
</form>
</div>
<div class="upf_filelist">
<?php
$args = array(
'post_type' => 'userfile',
'meta_key' => 'upf_user',
'meta_value' => $current_user->user_login,
'orderby' => 'date',
'order' => DESC
);
if (!empty($_POST['upf_year'])) $args['year'] = $_POST['upf_year'];
if (!empty($_POST['upf_cat'])) $args['file_categories'] = $_POST['upf_cat'];
$the_query = new WP_Query( $args );
$html = '';
$current_year = '';
// The Loop
if ($the_query->have_posts()) :
while ( $the_query->have_posts() ) : $the_query->the_post();
$year = get_the_date('Y');
if ($year != $current_year) {
echo '<h2>'.$year.'</h2>';
$current_year = $year;
}
?>
<div class="report-wrap clearfix">
<span class="report-name"><a href="<?php the_permalink();?>"><?php the_title();?></a></span>
<div class="right">
<a href="?upf=vw&id=<?php echo get_the_ID();?>" class="view-print" target="_blank"><?php _e('View and Print', 'user-private-files');?></a> |
<a href="?upf=dl&id=<?php echo get_the_ID();?>" class="download" target="_blank"><?php _e('Download', 'user-private-files');?></a>
</div>
</div>
<?php
endwhile;
endif;
// Reset Post Data
wp_reset_postdata();
$html .= ob_get_clean();
$html .= '</div>';
return $html;
}
add_shortcode('userfiles', 'upf_list_user_files');
add_action('wp_head', 'upf_userfile_cpt_noindex');
function upf_userfile_cpt_noindex() {
if ( get_post_type() == 'userfile' ) { ?>
<meta name="robots" content="noindex,nofollow" />
<?php
}
}
add_action( 'template_redirect', 'upf_userfile_cpt_template' );
function upf_userfile_cpt_template() {
global $wp, $wp_query;
if ( isset( $wp->query_vars['post_type'] ) && $wp->query_vars['post_type'] == 'userfile' ) {
if ( have_posts() ) {
add_filter( 'the_content', 'upf_userfile_cpt_template_filter' );
}
else {
$wp_query->is_404 = true;
}
}
}
function upf_userfile_cpt_template_filter( $content ) {
global $wp_query;
$post_id = $wp_query->post->ID;
$output = "You are not authorized to access this page.";
if (is_user_logged_in()) {
global $current_user;
get_currentuserinfo();
// if the file was not assigned to the current user, return
if (get_post_meta($post_id, 'upf_user', true) == $current_user->user_login) {
$output = $content;
$output .= '<p><a href="?upf=vw&id='.$post_id.'" class="view-print" target="_blank">' . __('View and Print', 'user-private-files') . '</a><br/>
<a href="?upf=dl&id='.$post_id.'" class="download" target="_blank">' . __('Download', 'user-private-files') . '</a></p>';
}
}
return $output;
}