views
5 months ago
MediaAccessControl.php
5 days ago
MediaHandler.php
5 years ago
RestAPI.php
5 years ago
MediaAccessControl.php
499 lines
| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * |
| 5 | */ |
| 6 | |
| 7 | namespace WPDM\MediaLibrary; |
| 8 | |
| 9 | |
| 10 | use WPDM\__\__; |
| 11 | use WPDM\__\Crypt; |
| 12 | use WPDM\__\Messages; |
| 13 | use WPDM\__\Template; |
| 14 | use WPDM\__\TempStorage; |
| 15 | use WPDM\__\FileSystem; |
| 16 | use WPDM\__\UI; |
| 17 | |
| 18 | class MediaAccessControl { |
| 19 | function __construct() { |
| 20 | add_action( 'init', array( $this, 'mediaDownload' ) ); |
| 21 | add_action( 'wp_ajax_wpdm_media_pass', array( $this, 'makeMediaPass' ) ); |
| 22 | add_action( 'wp_ajax_nopriv_wpdm_media_pass', array( $this, 'makeMediaPass' ) ); |
| 23 | |
| 24 | if ( is_admin() ) { |
| 25 | add_filter( 'attachment_fields_to_edit', array( $this, 'protectionSettings' ), null, 2 ); |
| 26 | add_action( 'wp_ajax_wpdm_media_access', array( $this, 'mediaAccessControl' ) ); |
| 27 | add_action( 'wp_ajax_make_media_public', array( $this, 'makeMediaPublic' ) ); |
| 28 | add_action( 'wp_ajax_make_media_private', array( $this, 'makeMediaPrivate' ) ); |
| 29 | add_action( 'admin_footer', array( $this, 'footerScripts' ) ); |
| 30 | } else { |
| 31 | add_action( "init", array( $this, 'protectMediaLibrary' ), 8 ); |
| 32 | |
| 33 | } |
| 34 | |
| 35 | add_shortcode( 'wpdm_media', array( $this, 'mediaShortcode' ) ); |
| 36 | |
| 37 | |
| 38 | } |
| 39 | |
| 40 | function mediaDownload() { |
| 41 | if ( isset( $_REQUEST['__mediakey'] ) ) { |
| 42 | $mediaid = TempStorage::get( '__wpdm_meida_key_' . wpdm_query_var( '__mediakey', 'txt' ) ); |
| 43 | if ( $mediaid > 0 ) { |
| 44 | $file = get_attached_file( $mediaid ); |
| 45 | $file = apply_filters( "wpdm_media_download", $file, $mediaid ); |
| 46 | FileSystem::downloadFile( $file, basename( $file ), 10240, 0, array( 'play' => 1 ) ); |
| 47 | die(); |
| 48 | } |
| 49 | } |
| 50 | } |
| 51 | |
| 52 | |
| 53 | function makeMediaPass() { |
| 54 | if ( wpdm_query_var( '__xnonce' ) && wp_verify_nonce( wpdm_query_var( '__xnonce' ), NONCE_KEY ) ) { |
| 55 | $mediaid = Crypt::decrypt( wpdm_query_var( '__meida' ) ); |
| 56 | $password = get_post_meta( $mediaid, '__wpdm_media_pass', true ); |
| 57 | //wpdmdd([wpdm_query_var('__pswd'), $password]); |
| 58 | $private = get_post_meta( $mediaid, '__wpdm_private', true ); |
| 59 | // Require the item to actually be private with a non-empty password, and |
| 60 | // compare strictly — '' == '' and numeric type-juggling would otherwise |
| 61 | // hand out a download key for an unprotected/no-password item. |
| 62 | if ( $private && $password !== '' && (string) $password === (string) wpdm_query_var( '__pswd' ) ) { |
| 63 | $mediakey = uniqid(); |
| 64 | $xpire_sex = (int) get_option( '__wpdm_private_link_expiration_period' ) * (int) get_option( '__wpdm_private_link_expiration_period_unit' ); |
| 65 | $xpire_sex = $xpire_sex > 0 ? $xpire_sex : 30; |
| 66 | TempStorage::set( '__wpdm_meida_key_' . $mediakey, $mediaid, $xpire_sex ); |
| 67 | wp_send_json( array( 'success' => true, '__mediakey' => $mediakey ) ); |
| 68 | } |
| 69 | } |
| 70 | wp_send_json( array( |
| 71 | 'success' => false, |
| 72 | 'error' => __( "<b>Error:</b> Wrong Password! Try Again.", "download-manager" ) |
| 73 | ) ); |
| 74 | } |
| 75 | |
| 76 | function mediaShortcode( $params ) { |
| 77 | if ( ! isset( $params['id'] ) || (int) $params['id'] < 1 ) { |
| 78 | return __( "Missing ID!", "download-manager" ); |
| 79 | } |
| 80 | $media = get_post( $params['id'] ); |
| 81 | $media->path = str_replace( home_url( '/' ), ABSPATH . '/', $media->guid ); |
| 82 | $media->filesize = wpdm_file_size( $media->path ); |
| 83 | $picon = ! substr_count( $media->post_mime_type, 'image' ) ? wp_get_attachment_image( $media->ID, 'thumbnail', true ) : UI::img( wpdm_dynamic_thumb( $media->path, [ |
| 84 | 128, |
| 85 | 128 |
| 86 | ], true ), 'Thumb', [ 'width' => 48 ] ); |
| 87 | $media->icon = $picon; |
| 88 | ob_start(); |
| 89 | include Template::locate( "media-shortcode.php", __DIR__ . '/views' ); |
| 90 | $content = ob_get_clean(); |
| 91 | |
| 92 | return $content; |
| 93 | } |
| 94 | |
| 95 | /* |
| 96 | function protectMediaLibrary(){ |
| 97 | if(isset($_REQUEST['wpdmmediaid'])){ |
| 98 | global $wpdb; |
| 99 | $current_user = wp_get_current_user(); |
| 100 | $ID = wpdm_query_var('wpdmmediaid', 'int'); |
| 101 | $media = get_post($ID); |
| 102 | if(!$media) Messages::fullPage('404', esc_attr__( 'Media not found!', "download-manager" )); |
| 103 | $media_meta = wp_get_attachment_metadata($ID); |
| 104 | //wpdmdd($media_meta); |
| 105 | //wpdmdd($media); |
| 106 | $media->path = str_replace(home_url('/'), ABSPATH.'/', $media->guid); |
| 107 | $media->filesize = wpdm_file_size($media->path); |
| 108 | |
| 109 | $access = get_post_meta($media->ID, '__wpdm_media_access', true); |
| 110 | if(!is_array($access)) $access = ['public']; |
| 111 | $password = get_post_meta($media->ID, '__wpdm_media_pass', true); |
| 112 | $private = get_post_meta($media->ID, '__wpdm_private', true); |
| 113 | if(current_user_can('manage_options')) $private = false; |
| 114 | $user_roles = is_user_logged_in() ? $current_user->roles + array('public') : array(); |
| 115 | $user_roles[] = 'public'; |
| 116 | $user_allowed = array_intersect($user_roles, $access); |
| 117 | $user_allowed = count($user_allowed); |
| 118 | if( $private && ( $password || !$user_allowed ) ) { |
| 119 | |
| 120 | if(!$user_allowed && substr_count($media->post_mime_type, 'image')) { |
| 121 | $access_denied_placeholder = apply_filters("access_denied_placeholder", WPDM_BASE_DIR.'assets/images/denied.png', $media); |
| 122 | FileSystem::downloadFile($access_denied_placeholder, basename($media->guid), 10240, 0, ['play' => 1]); |
| 123 | die(); |
| 124 | } |
| 125 | |
| 126 | $picon = wp_get_attachment_image($media->ID, 'thumbnail', true); |
| 127 | $keyvalid = true; |
| 128 | $__hash = Crypt::encrypt($media->ID); |
| 129 | $download_url = ""; |
| 130 | //wp_die('Direct access disabled!'); |
| 131 | Messages::fullPage("Error!", UI::div('Direct access disabled!', 'alert alert-danger', ['style' => 'display:table;margin: 0 auto'])); |
| 132 | |
| 133 | } |
| 134 | |
| 135 | $upload_dir = wp_upload_dir(); |
| 136 | $file_path = wpdm_valueof($upload_dir, 'basedir').'/'.wpdm_query_var('wpdmmedia'); |
| 137 | // Containment: the resolved path must stay within the uploads dir so a |
| 138 | // crafted wpdmmedia value cannot traverse out and read arbitrary files. |
| 139 | $__base = realpath(wpdm_valueof($upload_dir, 'basedir')); |
| 140 | $__real = realpath($file_path); |
| 141 | if ($__real === false || $__base === false || strpos($__real, $__base . DIRECTORY_SEPARATOR) !== 0) { |
| 142 | wp_die(__('Invalid file path!', 'download-manager')); |
| 143 | } |
| 144 | $file_path = $__real; |
| 145 | $file_path = apply_filters("wpdm_media_download", $file_path, $media->ID); |
| 146 | FileSystem::downloadFile($file_path, basename($file_path), 10240, 0, array('play' => 1)); |
| 147 | die(); |
| 148 | } |
| 149 | } |
| 150 | //*/ |
| 151 | |
| 152 | function protectMediaLibrary() { |
| 153 | if ( isset( $_REQUEST['wpdmmediaid'] ) ) { |
| 154 | global $wpdb; |
| 155 | $current_user = wp_get_current_user(); |
| 156 | $ID = wpdm_query_var( 'wpdmmediaid', 'int' ); |
| 157 | $media = get_post( $ID ); |
| 158 | if ( ! $media ) { |
| 159 | Messages::fullPage( '404', esc_attr__( 'Media not found!', WPDM_TEXT_DOMAIN ) ); |
| 160 | } |
| 161 | $media_meta = wp_get_attachment_metadata( $ID ); |
| 162 | //wpdmdd($media); |
| 163 | $validFilenames = [ basename( wpdm_valueof( $media_meta, 'file' ) ), basename( $media->guid ) ]; |
| 164 | foreach ( $media_meta['sizes'] as $key => $item ) { |
| 165 | $validFilenames[] = $item['file']; |
| 166 | } |
| 167 | $media_rel_path = get_post_meta( $media->ID, '_wp_attached_file', true ); |
| 168 | if ( ! $media_rel_path && isset( $media['file'] ) ) { |
| 169 | $media_rel_path = $media['file']; |
| 170 | } |
| 171 | $validRelPath = str_replace( basename( $media_rel_path ), '', $media_rel_path ); |
| 172 | $reqFilename = basename( $_REQUEST['wpdmmedia'] ); |
| 173 | //wpdmdd($reqFilename, $validFilenames, $_REQUEST['wpdmmedia'], $validRelPath); |
| 174 | //wpdmdd(substr_count($media->guid, $_REQUEST['wpdmmedia']), $reqFilename, $validFilenames, in_array($reqFilename, $validFilenames)); |
| 175 | if ( ! in_array( $reqFilename, $validFilenames ) || substr_count( $media->guid, $_REQUEST['wpdmmedia'] ) === 0 ) { |
| 176 | wp_die( __( 'Invalid file path!', 'download-manager' ) ); |
| 177 | } |
| 178 | |
| 179 | |
| 180 | $upload_dir = wp_upload_dir(); |
| 181 | // wpdmdd($media); |
| 182 | $media->path = trailingslashit( $upload_dir['basedir'] ) . $media_rel_path; |
| 183 | $media->filesize = wpdm_file_size( $media->path ); |
| 184 | |
| 185 | $access = get_post_meta( $media->ID, '__wpdm_media_access', true ); |
| 186 | if ( ! is_array( $access ) ) { |
| 187 | $access = [ 'public' ]; |
| 188 | } |
| 189 | $password = get_post_meta( $media->ID, '__wpdm_media_pass', true ); |
| 190 | $private = get_post_meta( $media->ID, '__wpdm_private', true ); |
| 191 | if ( current_user_can( 'manage_options' ) ) { |
| 192 | $private = false; |
| 193 | } |
| 194 | $user_roles = is_user_logged_in() ? $current_user->roles + array( 'public' ) : array(); |
| 195 | $user_roles[] = 'public'; |
| 196 | $user_allowed = array_intersect( $user_roles, $access ); |
| 197 | $user_allowed = count( $user_allowed ); |
| 198 | if ( $private && ( $password || ! $user_allowed ) ) { |
| 199 | |
| 200 | if ( ! $user_allowed && substr_count( $media->post_mime_type, 'image' ) ) { |
| 201 | $access_denied_placeholder = apply_filters( "access_denied_placeholder", WPDM_BASE_DIR . 'assets/images/denied.png', $media ); |
| 202 | FileSystem::downloadFile( $access_denied_placeholder, basename( $media->guid ), 10240, 0, [ 'play' => 1 ] ); |
| 203 | die(); |
| 204 | } |
| 205 | |
| 206 | $picon = ! substr_count( $media->post_mime_type, 'image' ) ? wp_get_attachment_image( $media->ID, 'thumbnail', true ) : UI::img( wpdm_dynamic_thumb( $media->path, [ |
| 207 | 128, |
| 208 | 128 |
| 209 | ], true ), 'Thumb', [ 'width' => 48 ] ); |
| 210 | $keyvalid = true; |
| 211 | $__hash = Crypt::encrypt( $media->ID ); |
| 212 | $download_url = ""; |
| 213 | include Template::locate( "media-download.php", __DIR__ . '/views' ); |
| 214 | die(); |
| 215 | } |
| 216 | |
| 217 | //$upload_dir = wp_upload_dir(); |
| 218 | $file_path = $upload_dir['basedir'] . '/' . __::query_var( 'wpdmmedia' ); |
| 219 | // Containment: the resolved path must stay within the uploads dir so a |
| 220 | // crafted wpdmmedia value cannot traverse out and read arbitrary files. |
| 221 | $__base = realpath( $upload_dir['basedir'] ); |
| 222 | $__real = realpath( $file_path ); |
| 223 | if ( $__real === false || $__base === false || strpos( $__real, $__base . DIRECTORY_SEPARATOR ) !== 0 ) { |
| 224 | wp_die( __( 'Invalid file path!', 'download-manager' ) ); |
| 225 | } |
| 226 | $file_path = $__real; |
| 227 | $file_path = apply_filters( "wpdm_media_download", $file_path, $media->ID ); |
| 228 | //wpdmdd($file_path); |
| 229 | FileSystem::downloadFile( $file_path, basename( $file_path ), 10240, 0, array( 'play' => 1 ) ); |
| 230 | die(); |
| 231 | } |
| 232 | } |
| 233 | |
| 234 | function updateMediaAccess() { |
| 235 | $protected = get_option( "__wpdm_media_private" ); |
| 236 | $protected = $protected ? (array) json_decode( $protected ) : array(); |
| 237 | $upload_dir = wp_upload_dir(); |
| 238 | $upload_dir = $upload_dir['basedir']; |
| 239 | $htaccess_rules = "<IfModule mod_rewrite.c>\nRewriteEngine On\n"; |
| 240 | foreach ( $protected as $id => $path ) { |
| 241 | $path = str_replace( $upload_dir . '/', "", $path ); |
| 242 | $file_dir = preg_replace( "/\/([^\/]+)$/i", "/", $path ); |
| 243 | $htaccess_rules .= "RewriteRule ^({$path})$ ../../index.php?wpdmmediaid={$id}&wpdmmedia=$1\n"; |
| 244 | if ( wp_attachment_is_image( $id ) ) { |
| 245 | $meta = wp_get_attachment_metadata( $id ); |
| 246 | $thumbs = $meta['sizes']; |
| 247 | foreach ( $thumbs as $size => $thumb ) { |
| 248 | $_path = $file_dir . $thumb['file']; |
| 249 | $htaccess_rules .= "RewriteRule ^({$_path})$ ../../index.php?wpdmmediaid={$id}&wpdmmedia=$1&thumb={$size}\n"; |
| 250 | } |
| 251 | } |
| 252 | |
| 253 | } |
| 254 | $htaccess_rules .= "</IfModule>"; |
| 255 | file_put_contents( $upload_dir . '/.htaccess', $htaccess_rules ); |
| 256 | } |
| 257 | |
| 258 | function makeMediaPrivate() { |
| 259 | |
| 260 | __::isAuthentic( "mmpnonce", WPDM_PRI_NONCE, 'edit_posts' ); |
| 261 | $id = wpdm_query_var( 'mediaid' ); |
| 262 | // Verify user can edit this media |
| 263 | if (!current_user_can('edit_post', $id)) { |
| 264 | wp_send_json([ |
| 265 | 'success' => false, |
| 266 | 'message' => __('You are not allowed to edit this media.', 'download-manager') |
| 267 | ]); |
| 268 | } |
| 269 | //$meta = wp_get_attachment_metadata($id); |
| 270 | //wpdmdd($meta); |
| 271 | update_post_meta( $id, '__wpdm_media_access', wpdm_query_var( 'media_access' ) ); |
| 272 | update_post_meta( $id, '__wpdm_media_pass', wpdm_query_var( 'media_pass' ) ); |
| 273 | update_post_meta( $id, '__wpdm_private', 1 ); |
| 274 | $protected = get_option( "__wpdm_media_private" ); |
| 275 | $protected = $protected ? (array) json_decode( $protected ) : array(); |
| 276 | $protected[ $id ] = get_attached_file( $id ); |
| 277 | $protected = json_encode( $protected ); |
| 278 | update_option( '__wpdm_media_private', $protected, 'no' ); |
| 279 | do_action( "wpdm_make_media_private" ); |
| 280 | $this->updateMediaAccess(); |
| 281 | |
| 282 | $this->mediaAccessControl(); |
| 283 | } |
| 284 | |
| 285 | function makeMediaPublic() { |
| 286 | |
| 287 | __::isAuthentic( "mmpnonce", WPDM_PRI_NONCE, 'edit_posts' ); |
| 288 | |
| 289 | $id = wpdm_query_var( 'mediaid' ); |
| 290 | |
| 291 | // Verify user can edit this media |
| 292 | if (!current_user_can('edit_post', $id)) { |
| 293 | wp_send_json([ |
| 294 | 'success' => false, |
| 295 | 'message' => __('You are not allowed to edit this media.', 'download-manager') |
| 296 | ]); |
| 297 | } |
| 298 | |
| 299 | delete_post_meta( $id, '__wpdm_media_access' ); |
| 300 | delete_post_meta( $id, '__wpdm_media_pass' ); |
| 301 | delete_post_meta( $id, '__wpdm_private' ); |
| 302 | $protected = get_option( "__wpdm_media_private" ); |
| 303 | $protected = $protected ? (array) json_decode( $protected ) : array(); |
| 304 | unset( $protected[ $id ] ); |
| 305 | $protected = json_encode( $protected ); |
| 306 | update_option( '__wpdm_media_private', $protected, 'no' ); |
| 307 | do_action( "wpdm_make_media_public" ); |
| 308 | $this->updateMediaAccess(); |
| 309 | $this->mediaAccessControl(); |
| 310 | } |
| 311 | |
| 312 | function mediaAccessControl() { |
| 313 | |
| 314 | __::isAuthentic('pmanonce', WPDM_PRI_NONCE, WPDM_ADMIN_CAP); |
| 315 | |
| 316 | $id = wpdm_query_var( 'mediaid' ); |
| 317 | $wpdm_media_access = maybe_unserialize( get_post_meta( $id, '__wpdm_media_access', true ) ); |
| 318 | $wpdm_media_pass = get_post_meta( $id, '__wpdm_media_pass', true ); |
| 319 | $wpdm_media_private = (int) get_post_meta( $id, '__wpdm_private', true ); |
| 320 | ?> |
| 321 | |
| 322 | <div class="panel panel-default" |
| 323 | id="__protm" <?php if ( $wpdm_media_private ) { ?> style="display: none" <?php } ?>> |
| 324 | <div class="panel-body"> |
| 325 | <?php _e( 'This file is not protected.', 'download-manager' ) ?> |
| 326 | </div> |
| 327 | <div class="panel-footer"> |
| 328 | <button class="btn btn-success btn-block" |
| 329 | onclick="jQuery('#__protm').slideUp();jQuery('#__prots').slideDown();"><?php _e( 'Protect this file', 'download-manager' ); ?></button> |
| 330 | </div> |
| 331 | </div> |
| 332 | |
| 333 | <div id="__prots" |
| 334 | class="panel panel-default" <?php if ( ! $wpdm_media_private ) { ?> style="display: none" <?php } ?>> |
| 335 | <?php if ( $wpdm_media_private ) { ?> |
| 336 | <div class="panel-body text-danger"><i class="fa fa-lock"></i> |
| 337 | — <?php echo __( "This file is protected", "download-manager" ); ?></div><?php } ?> |
| 338 | <div class="panel-heading"><?php _e( 'Password:', 'download-manager' ); ?></div> |
| 339 | <div class="panel-body"><input type="text" value="<?php echo $wpdm_media_pass; ?>" id="media_pass" |
| 340 | class="form-control" |
| 341 | style="border-radius: 3px;border: 0;box-shadow: none !important;" |
| 342 | name="media[password]" |
| 343 | placeholder="<?php _e( 'Password', 'download-manager' ); ?>"/></div> |
| 344 | <div class="panel-heading" |
| 345 | style="border-radius: 0;border-top: 1px solid #ddd"><?php _e( 'Allow Access:', 'download-manager' ); ?></div> |
| 346 | <div class="panel-body" id="acx"> |
| 347 | |
| 348 | <?php |
| 349 | |
| 350 | |
| 351 | $selz = ''; |
| 352 | if ( is_array( $wpdm_media_access ) ) { |
| 353 | $selz = ( in_array( 'public', $wpdm_media_access ) ) ? 'checked=checked' : ''; |
| 354 | } |
| 355 | |
| 356 | ?> |
| 357 | |
| 358 | <label><input class="media_access" style="margin: 0" name="media[access][]" type="checkbox" |
| 359 | value="public" <?php echo $selz ?>> <?php echo __( "Public", "download-manager" ); ?> |
| 360 | </label> |
| 361 | <?php |
| 362 | global $wp_roles; |
| 363 | $roles = array_reverse( $wp_roles->role_names ); |
| 364 | unset( $roles['administrator'] ); |
| 365 | foreach ( $roles as $role => $name ) { |
| 366 | |
| 367 | |
| 368 | if ( is_array( $wpdm_media_access ) ) { |
| 369 | $sel = ( in_array( $role, $wpdm_media_access ) ) ? 'checked=checked' : ''; |
| 370 | } else { |
| 371 | $sel = ''; |
| 372 | } |
| 373 | |
| 374 | |
| 375 | ?> |
| 376 | <label><input class="media_access" style="margin: 0" name="media[access][]" type="checkbox" |
| 377 | value="<?php echo $role; ?>" <?php echo $sel ?>> <?php echo $name; ?></label> |
| 378 | <?php } ?> |
| 379 | |
| 380 | </div> |
| 381 | <?php do_action( "wpdm_meidia_access_settings" ); ?> |
| 382 | <div class="panel-heading"> |
| 383 | <?php echo __( "Shortcode:", "download-manager" ) ?> |
| 384 | </div> |
| 385 | <div> |
| 386 | <input onfocus="this.select()" type="text" readonly="readonly" class="form-control" |
| 387 | style="border: 0;box-shadow: none !important;text-align: center;background: #ffffff;font-family: monospace" |
| 388 | value="[wpdm_media id=<?php echo $id; ?>]"/> |
| 389 | </div> |
| 390 | <div class="panel-footer"> |
| 391 | <button class="btn btn-block btn-primary btn-sm" id="__makeprivate" |
| 392 | data-id="<?php echo $id; ?>"><?php _e( 'Apply restrictions', 'download-manager' ); ?></button> |
| 393 | </div> |
| 394 | <div class="panel-footer"> |
| 395 | <button class="btn btn-block btn-danger btn-sm" id="__makepublic" |
| 396 | data-id="<?php echo $id; ?>"><?php _e( 'Remove all restrictions', 'download-manager' ); ?></button> |
| 397 | </div> |
| 398 | </div> |
| 399 | |
| 400 | |
| 401 | <style> |
| 402 | #acx { |
| 403 | height: 150px; |
| 404 | overflow: auto; |
| 405 | } |
| 406 | |
| 407 | #acx input[type=checkbox] { |
| 408 | transform: scale(0.7); |
| 409 | margin-top: -1px; |
| 410 | } |
| 411 | |
| 412 | #acx label { |
| 413 | font-weight: 400; |
| 414 | padding: 0 15px; |
| 415 | line-height: 18px; |
| 416 | font-size: 10px; |
| 417 | display: block; |
| 418 | width: 100%; |
| 419 | } |
| 420 | </style> |
| 421 | <?php |
| 422 | die(); |
| 423 | } |
| 424 | |
| 425 | function footerScripts() { |
| 426 | global $pagenow; |
| 427 | ?> |
| 428 | <script> |
| 429 | var xhr = null; |
| 430 | jQuery(function ($) { |
| 431 | |
| 432 | $('body').on('click', '#__makepublic', function () { |
| 433 | $('#__prots').addClass('blockui'); |
| 434 | $.post(ajaxurl, { |
| 435 | action: 'make_media_public', |
| 436 | mmpnonce: '<?php echo wp_create_nonce( WPDM_PRI_NONCE ); ?>', |
| 437 | mediaid: $(this).data('id') |
| 438 | }, function (res) { |
| 439 | $('#__prots').removeClass('blockui'); |
| 440 | $('#__prots').slideUp(); |
| 441 | $('#__protm').slideDown(function () { |
| 442 | $('#wpdm-media-access').html(res); |
| 443 | }); |
| 444 | }); |
| 445 | }); |
| 446 | |
| 447 | $('body').on('click', '#__makeprivate', function () { |
| 448 | $('#__prots').addClass('blockui'); |
| 449 | var media_access = $("input.media_access:checkbox:checked").map(function () { |
| 450 | return $(this).val(); |
| 451 | }).get(); |
| 452 | $.post(ajaxurl, { |
| 453 | action: 'make_media_private', |
| 454 | mmpnonce: '<?php echo wp_create_nonce( WPDM_PRI_NONCE ); ?>', |
| 455 | mediaid: $(this).data('id'), |
| 456 | media_pass: $('#media_pass').val(), |
| 457 | media_access: media_access |
| 458 | }, function (res) { |
| 459 | $('#__prots').removeClass('blockui'); |
| 460 | $('#wpdm-media-access').html(res); |
| 461 | }); |
| 462 | }); |
| 463 | }); |
| 464 | </script> |
| 465 | <?php |
| 466 | } |
| 467 | |
| 468 | function protectionSettings( $form_fields, $post ) { |
| 469 | ob_start(); |
| 470 | //wpdmprecho($post); |
| 471 | ?> |
| 472 | <script> |
| 473 | jQuery(function ($) { |
| 474 | $('.w3eden.media-access-control-container').remove(); |
| 475 | $('.attachment-info .details').after("<div class='w3eden media-access-control-container'><br style='clear:both;'/><hr style='clear:both;margin-bottom:10px'/><div id='wpdm-media-access'><div class='panel panel-default'><div class='panel-body'><i class='fa fa-sun fa-spin'></i> <?php echo __( "Checking status...", "download-manager" ); ?></div></div></div></div>"); |
| 476 | xhr = $.ajax({ |
| 477 | type: "GET", |
| 478 | url: ajaxurl, |
| 479 | data: "action=wpdm_media_access&mediaid=<?php echo $post->ID; ?>&pmanonce=<?php echo wp_create_nonce(WPDM_PRI_NONCE) ?>", //+$(this).data('id'), |
| 480 | success: function (res) { |
| 481 | $('#wpdm-media-access').html(res); |
| 482 | } |
| 483 | }); |
| 484 | }); |
| 485 | </script><?php |
| 486 | $html = ob_get_clean(); |
| 487 | $form_fields["mac"] = array( |
| 488 | "label" => '', |
| 489 | "input" => "html", // this is default if "input" is omitted |
| 490 | "html" => $html |
| 491 | ); |
| 492 | |
| 493 | |
| 494 | return $form_fields; |
| 495 | } |
| 496 | |
| 497 | } |
| 498 | |
| 499 |