Php Wordpress用户文件上载和下载限制问题
我有一个wordpress插件,它通常会向用户显示站点管理员为每个用户上传的可下载文件 这个插件工作正常,上传文件工作正常,但是文件显示只有139个文件需要下载,尽管代码没有任何限制 下面是显示要下载的文件列表的简短代码Php Wordpress用户文件上载和下载限制问题,php,wordpress,Php,Wordpress,我有一个wordpress插件,它通常会向用户显示站点管理员为每个用户上传的可下载文件 这个插件工作正常,上传文件工作正常,但是文件显示只有139个文件需要下载,尽管代码没有任何限制 下面是显示要下载的文件列表的简短代码 <?php class Bhuppu_Admin { static $short_code_added; public $errors; function __construct() { register_activatio
<?php
class Bhuppu_Admin {
static $short_code_added;
public $errors;
function __construct() {
register_activation_hook(BHUUFU_PLUGIN_FILE, array(&$this, 'activation'));
add_action('admin_init', array(&$this, 'enqueue'), 10);
add_action('edit_user_profile', array(&$this, 'add_user_file_upload_fields'));
add_action('edit_user_profile_update', array(&$this, 'save_user_file_upload_fields'));
add_filter('upload_dir', array(&$this, 'user_upload_files_dir'));
add_shortcode('list_user_files', array(&$this, 'user_uploaded_files_list'));
add_filter('the_posts', array(&$this, 'conditionally_add_scripts_and_styles'));
add_action('template_redirect', array(&$this, 'template_redirect'));
add_action('wp_ajax_query-attachments', array(&$this, 'change_media_display'), 0);
add_filter('wp_prepare_attachment_for_js', array(&$this, 'change_upload_media_display'),10,3);
//ajax
add_action('wp_ajax_deletefile', array(&$this, 'deletefile'));
do_action('BHUUFU/init');
}
//setup on activation
public function activation() {
//create sub directory
$baseDir = WP_CONTENT_DIR . '/uploads/user-files/';
wp_mkdir_p($baseDir);
//create .htacess file
$server_address = $_SERVER['SERVER_ADDR'];
$filename = $baseDir . '.htaccess';
if (!file_exists($filename)) {
$file_handle = fopen($filename, "w") or die("Error: Unable to create .htaccess file");
$content_string = "Options -Indexes\n";
fwrite($file_handle, $content_string);
$content_string = "Deny from all\n";
fwrite($file_handle, $content_string);
fclose($file_handle);
}
}
//change upload directory
public function user_upload_files_dir($upload) {
//check if this a user-edit page
$current_page = basename($_SERVER['HTTP_REFERER']);
$current_page_tmp = explode("?", $current_page);
$current_page = $current_page_tmp[0];
if ($current_page != "user-edit.php")
return $upload;
// check if it a async-upload request
$referer = basename($_SERVER['REQUEST_URI']);
if ($referer != "async-upload.php")
return $upload;
//get userid from http http_referer
$p = parse_url($_SERVER['HTTP_REFERER']);
parse_str($p["query"], $get);
$user_id = $get['user_id'];
//change upload directory to user-files/$user_id
$baseDir = WP_CONTENT_DIR . '/uploads/user-files/';
$baseUrl = WP_CONTENT_URL . '/uploads/user-files/';
$upload['subdir'] = $user_id;
$upload['path'] = $baseDir . $upload['subdir'];
$upload['url'] = $baseUrl . $upload['subdir'];
return $upload;
}
//Enqueue class assets\
public function enqueue() {
global $pagenow;
if ($pagenow != "user-edit.php")
return;
// Enqueue styles
wp_enqueue_style('bhuufu_admin_styles', BHUUFU_URL . '/assets/css/admin_styles.css');
// Enqueue scripts
wp_enqueue_script('jquery');
wp_enqueue_script('bhuufu_repeatable-fields.js', BHUUFU_URL . '/assets/js/repeatable-fields.js');
wp_enqueue_script('bhuufu_admin_script', BHUUFU_URL . 'assets/js/stb_admin.js');
// Hook to add/remove files
do_action('BHUUFU/assets/enqueue');
}
//conditionally_add_scripts_and_styles
public function conditionally_add_scripts_and_styles($posts) {
if (empty($posts))
return $posts;
$shortcode_found = false;
foreach ($posts as $post) {
if (stripos($post->post_content, '[list_user_files]') !== false) {
$shortcode_found = true;
break;
}
}
if ($shortcode_found) {
wp_enqueue_style('user-upload-css', BHUUFU_URL . 'assets/css/styles.css');
}
return $posts;
}
//user_file_upload_fields
function add_user_file_upload_fields($user) {
$bhu_uufef = get_user_meta($user->ID, 'user_file_uploads', true);
wp_enqueue_media();
?>
<h3><?php _e('File Uploads', 'wpcf7'); ?></h3>
<div class="ff-repeatable">
<table>
<thead>
<tr>
<th><?php _e('Url', 'wpcf7'); ?></th>
<th><?php _e('Name', 'wpcf7'); ?></th>
<th><?php _e('Decsription', 'wpcf7'); ?></th>
<th><img alt="Add Row" class="ff-add-row" src="<?php echo BHUUFU_URL; ?>assets/images/add.png"></th>
</tr>
</thead>
<tbody>
<tr class="ff-add-template" style="">
<td><input type="text" name="bhuufu-user-uploads[file_url_tmp][]" class="medium-text file_url" value="" /></td>
<td><input type="text" name="bhuufu-user-uploads[file_name_tmp][]" class="medium-text file_name" value="" /></td>
<td><input type="text" name="bhuufu-user-uploads[file_description_tmp][]" class="medium-text file_description" value="" /></td>
<td>
<input type="hidden" name="bhuufu-user-uploads[file_id_tmp][]" class="medium-text file_id" value="" />
<input type="hidden" name="bhuufu-user-uploads[file_oname_tmp][]" class="medium-text file_oname" value="" />
<input type="hidden" name="bhuufu-user-uploads[file_mime_tmp][]" class="medium-text file_mime" value="" />
<input class="button _unique_name_button" name="_unique_name_button" value="Select File" />
<img alt="Remove Row" class="ff-remove-row" src="<?php echo BHUUFU_URL; ?>assets/images/remove.png">
</td>
</tr>
<?php
if (isset($bhu_uufef['file_url']) && $extra_fields = array_filter($bhu_uufef['file_url'])) {
foreach ($extra_fields as $key => $value) {
echo'
<tr>
<td><input type="text" name="bhuufu-user-uploads[file_url_tmp][]" class="medium-text file_url" value="' . $bhu_uufef['file_url'][$key] . '" /></td>
<td><input type="text" name="bhuufu-user-uploads[file_name_tmp][]" class="medium-text file_name" value="' . $bhu_uufef['file_name'][$key] . '" /></td>
<td><input type="text" name="bhuufu-user-uploads[file_description_tmp][]" class="medium-text file_description" value="' . $bhu_uufef['file_description'][$key] . '" /></td>
<td>
<input type="hidden" name="bhuufu-user-uploads[file_id_tmp][]" class="medium-text file_id" value="' . $bhu_uufef['file_id'][$key] . '" />
<input type="hidden" name="bhuufu-user-uploads[file_oname_tmp][]" class="medium-text file_oname" value="' . $bhu_uufef['file_oname'][$key] . '" />
<input type="hidden" name="bhuufu-user-uploads[file_mime_tmp][]" class="medium-text file_mime" value="' . $bhu_uufef['file_mime'][$key] . '" />
<input class="button _unique_name_button" name="_unique_name_button" value="Select File" />
<img alt="Remove Row" class="ff-remove-row" src="' . BHUUFU_URL . 'assets/images/remove.png">
</td>
</tr>';
}
} else {
echo'
<tr>
<td><input type="text" name="bhuufu-user-uploads[file_url_tmp][]" class="medium-text file_url" value="" /></td>
<td><input type="text" name="bhuufu-user-uploads[file_name_tmp][]" class="medium-text file_name" value="" /></td>
<td><input type="text" name="bhuufu-user-uploads[file_description_tmp][]" class="medium-text file_description" value="" /></td>
<td>
<input type="hidden" name="bhuufu-user-uploads[file_id_tmp][]" class="medium-text file_id" value="" />
<input type="hidden" name="bhuufu-user-uploads[file_oname_tmp][]" class="medium-text file_oname" value="" />
<input type="hidden" name="bhuufu-user-uploads[file_mime_tmp][]" class="medium-text file_mime" value="" />
<input class="button _unique_name_button" name="_unique_name_button" value="Select File" />
<img alt="Remove Row" class="ff-remove-row" src="' . BHUUFU_URL . 'assets/images/remove.png">
</td>
</tr>';
}
?>
</tbody>
</table>
</div>
<?php
}
//user porfile fields save
public function save_user_file_upload_fields($user_id) {
if (isset($_POST['bhuufu-user-uploads']['file_url_tmp']) && $extra_fields = array_filter($_POST['bhuufu-user-uploads']['file_url_tmp'])) {
foreach ($extra_fields as $key => $value) {
$_POST['bhuufu-user-uploads']['file_url'][] = $_POST['bhuufu-user-uploads']['file_url_tmp'][$key];
$_POST['bhuufu-user-uploads']['file_name'][] = $_POST['bhuufu-user-uploads']['file_name_tmp'][$key];
$_POST['bhuufu-user-uploads']['file_description'][] = $_POST['bhuufu-user-uploads']['file_description_tmp'][$key];
$_POST['bhuufu-user-uploads']['file_id'][] = $_POST['bhuufu-user-uploads']['file_id_tmp'][$key];
$_POST['bhuufu-user-uploads']['file_oname'][] = $_POST['bhuufu-user-uploads']['file_oname_tmp'][$key];
$_POST['bhuufu-user-uploads']['file_mime'][] = $_POST['bhuufu-user-uploads']['file_mime_tmp'][$key];
}
}
unset($_POST['bhuufu-user-uploads']['file_url_tmp']);
unset($_POST['bhuufu-user-uploads']['file_name_tmp']);
unset($_POST['bhuufu-user-uploads']['file_description_tmp']);
unset($_POST['bhuufu-user-uploads']['file_id_tmp']);
unset($_POST['bhuufu-user-uploads']['file_oname_tmp']);
unset($_POST['bhuufu-user-uploads']['file_mime_tmp']);
update_usermeta($user_id, 'user_file_uploads', $_POST['bhuufu-user-uploads']);
}
//delete file
public function deletefile() {
global $wpdb;
$file_id = $_REQUEST["file_id"];
$user_id = $_REQUEST["user_id"];
// Delete file
$is_deleted = wp_delete_attachment($file_id);
if ($is_deleted->ID) {
$bhu_uufef = get_user_meta($user_id, 'user_file_uploads', true);
$key = array_search($file_id, $bhu_uufef['file_id']);
unset($bhu_uufef['file_url'][$key]);
unset($bhu_uufef['file_name'][$key]);
unset($bhu_uufef['file_description'][$key]);
unset($bhu_uufef['file_id'][$key]);
unset($bhu_uufef['file_oname'][$key]);
unset($bhu_uufef['file_mime'][$key]);
update_usermeta($user_id, 'user_file_uploads', $bhu_uufef);
$result['status'] = "sucess";
} else {
$result['status'] = "fail";
}
echo json_encode($result);
exit;
}
//user frontend to display the download list
public function user_uploaded_files_list() {
if (is_user_logged_in()) {
//list all files uploaded for user
global $current_user;
$bhu_uufef = get_user_meta($current_user->ID, 'user_file_uploads', true);
if (isset($bhu_uufef['file_url']) && $extra_fields = array_filter($bhu_uufef['file_url'])) {
$count = 1;
$output .= <<< _RAMA
<tr>
<th>SN#</th>
<th>File name</th>
<th>Description</th>
<th>Size</th>
<th>Download</th>
</tr>
_RAMA;
foreach ($extra_fields as $key => $value) {
$wpnonce = wp_create_nonce("bhu_" . $bhu_uufef['file_id'][$key]);
$size = size_format(filesize(get_attached_file($bhu_uufef['file_id'][$key])));
$download_link = "<a href='" . BHUUFU_URL . 'download.php?id=' . $bhu_uufef['file_id'][$key] . "&wpnonce=$wpnonce' title='Download' target='_blank' class='small-btn'><img alt='Download' class='ff-add-row' src='http://www.rcmfire.com/wp-content/uploads/2014/10/download.png'></a>";
if ($count & 1)
$class = 'odd';
else
$class = 'even';
$output .= <<< _RAMA
<tr class="$class">
<td>$count</td>
<td>{$bhu_uufef['file_name'][$key]}</td>
<td>{$bhu_uufef['file_description'][$key]}</td>
<td>$size</td>
<td>$download_link</td>
</tr>
_RAMA;
$count++;
}
} else {
$output = "<tr><td colspan='5'><p>No current uploads</p></td></tr>";
}
$logout_url = '<a href="' . wp_logout_url(home_url()) . '" title="Logout">Logout</a>';
$table = <<< _RAMA
<table width="100%">
<thead>
<tr>
<td colspan="4">Welcome $current_user->user_login</td>
<td>$logout_url</td>
</tr>
</thead>
<tbody>
$output
</tbody>
</table>
_RAMA;
$final_html = "<div class='user-download-files' >" . $table . "</div>";
return $final_html;
} else {
$form = $_REQUEST['form'];
switch ($form) {
case 'lostpassword':
include_once BHUUFU_PATH . '/includes/user/forms/lostpassword-form.php';
break;
case 'resetpassword':
include_once BHUUFU_PATH . '/includes/user/forms/restpassword-form.php';
break;
default:
include_once BHUUFU_PATH . '/includes/user/forms/login-form.php';
break;
}
}
}
//to handle login,reset,new password
public function template_redirect() {
$do_process = $_REQUEST['do_process'];
switch ($do_process) {
case 'lostpassword':
include_once BHUUFU_PATH . '/includes/user/process/lostpassword-process.php';
break;
case 'resetpassword':
include_once BHUUFU_PATH . '/includes/user/process/resetpassword-process.php';
break;
default:
include_once BHUUFU_PATH . '/includes/user/process/login-process.php';
break;
}
}
//check password reset key
public static function check_password_reset_key($key, $login) {
global $wpdb;
$key = preg_replace('/[^a-z0-9]/i', '', $key);
if (empty($key) || !is_string($key))
return new WP_Error('invalid_key', __('Invalid key'));
if (empty($login) || !is_string($login))
return new WP_Error('invalid_key', __('Invalid key'));
$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE user_activation_key = %s AND user_login = %s", $key, $login));
if (empty($user))
return new WP_Error('invalid_key', __('Invalid key'));
return $user;
}
//reset password
public static function reset_password($user, $new_pass) {
wp_set_password($new_pass, $user->ID);
}
//alter images display on miedia uploader
public function change_media_display() {
//check if this a user-edit page
$current_page = basename($_SERVER['HTTP_REFERER']);
$current_page_tmp = explode("?", $current_page);
$current_page = $current_page_tmp[0];
// check if it a async-upload request
$referer = basename($_SERVER['REQUEST_URI']);
if ($current_page == "user-edit.php" && $referer == "admin-ajax.php") {
if ( ! current_user_can( 'upload_files' ) )
wp_send_json_error();
$query = isset($_REQUEST['query']) ? (array) $_REQUEST['query'] : array();
$query = array_intersect_key($query, array_flip(array(
's', 'order', 'orderby', 'posts_per_page', 'paged', 'post_mime_type',
'post_parent', 'post__in', 'post__not_in',
)));
$query['post_type'] = 'attachment';
if (current_user_can(get_post_type_object('attachment')->cap->read_private_posts))
$query['post_status'] = 'private';
/**
* Filter the arguments passed to WP_Query during an AJAX call for querying attachments.
*
* @since 3.7.0
*
* @param array $query An array of query variables. @see WP_Query::parse_query()
*/
$query = apply_filters('ajax_query_attachments_args', $query);
$query = new WP_Query($query);
$posts = array_map('wp_prepare_attachment_for_js', $query->posts);
$posts = array_filter($posts);
// foreach ($posts as $key => $post) {
// $posts[$key]['type'] = 'images';
// }
wp_send_json_success($posts);
}
}
//change upload media display
public function change_upload_media_display($response, $attachment, $meta) {
//check if this a user-edit page
$current_page = basename($_SERVER['HTTP_REFERER']);
$current_page_tmp = explode("?", $current_page);
$current_page = $current_page_tmp[0];
// check if it a async-upload request
//$referer = basename($_SERVER['REQUEST_URI']);
if ($current_page == "user-edit.php") {
//change image type
if ( $response['type'] = "image" )
$response['type'] = "images" ;
//change attachment status to private
if ( $attachment->post_status = "inherit" ) {
$attachment_change = array( 'ID' => $attachment->ID, 'post_status' => 'private' );
wp_update_post( $attachment_change );
}
}
return $response;
}
}
new Bhuppu_Admin;
资产/图像/添加.png“>
资产/图像/删除.png“>
第246、256257、272、327、338、379、400、401行有代码错误,请告诉我代码错误是什么?第246、256257、272、327、338、379、400、401行有代码错误,请告诉我代码错误是什么?