WordPress用户文件上载和下载限制问题

I have a WordPress plugin that shows each user the downloadable files that the site admin has uploaded for that user.

The plugin works fine and uploading files works fine, but the download list shows only 139 files, even though the code does not impose any restriction.

Below is the code behind the shortcode that lists the files available for download.

<?php

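/**
 * Admin-side controller of the per-user file upload plugin.
 *
 * Registers the hooks that let a site admin attach files to a user on the
 * user-edit screen, stores the file list in the 'user_file_uploads' user meta,
 * and renders the [list_user_files] shortcode for the logged-in user.
 *
 * Trust boundaries worth keeping in mind when changing this class:
 *  - Several methods decide what to do from the Referer header. That header is
 *    set by the client, so it is only a routing hint; every privileged action
 *    below is additionally gated by a capability check.
 *  - Everything read back from user meta is escaped at output time.
 */
class Bhuppu_Admin {

    static $short_code_added;
    public $errors;

    // The six parallel arrays kept inside the 'user_file_uploads' meta value.
    private static $file_fields = array(
        'file_url', 'file_name', 'file_description', 'file_id', 'file_oname', 'file_mime',
    );

    /**
     * Wire every hook the plugin uses and announce readiness via 'BHUUFU/init'.
     */
    function __construct() {

        register_activation_hook(BHUUFU_PLUGIN_FILE, array($this, 'activation'));
        add_action('admin_init', array($this, 'enqueue'), 10);
        add_action('edit_user_profile', array($this, 'add_user_file_upload_fields'));
        add_action('edit_user_profile_update', array($this, 'save_user_file_upload_fields'));
        add_filter('upload_dir', array($this, 'user_upload_files_dir'));
        add_shortcode('list_user_files', array($this, 'user_uploaded_files_list'));
        add_filter('the_posts', array($this, 'conditionally_add_scripts_and_styles'));
        add_action('template_redirect', array($this, 'template_redirect'));
        // Priority 0 so this handler answers before the default query-attachments handler.
        add_action('wp_ajax_query-attachments', array($this, 'change_media_display'), 0);
        add_filter('wp_prepare_attachment_for_js', array($this, 'change_upload_media_display'), 10, 3);

        // AJAX (wp_ajax_* only fires for logged-in users; see deletefile() for the finer checks).
        add_action('wp_ajax_deletefile', array($this, 'deletefile'));
        do_action('BHUUFU/init');
    }

    /**
     * Script name (for example "user-edit.php") taken from the Referer header.
     *
     * The Referer is client-controlled, so the result says which screen the
     * request claims to come from and nothing about what the requester may do.
     *
     * @return string Script name without its query string, '' when no Referer was sent.
     */
    private function referer_page() {
        if (empty($_SERVER['HTTP_REFERER']) || !is_string($_SERVER['HTTP_REFERER'])) {
            return '';
        }
        $parts = explode("?", basename($_SERVER['HTTP_REFERER']));
        return $parts[0];
    }

    /**
     * Last path segment of the current request URI, '' when it is unavailable.
     *
     * @return string
     */
    private function request_script() {
        return isset($_SERVER['REQUEST_URI']) ? basename($_SERVER['REQUEST_URI']) : '';
    }

    /**
     * Read one scalar cell from the parallel-array structure, tolerating any malformed shape.
     *
     * @param mixed      $data  Stored meta value or posted form array.
     * @param string     $field Field (array) name.
     * @param int|string $key   Row key.
     * @return string The cell as a string, '' when it is missing or not scalar.
     */
    private function stored_value($data, $field, $key) {
        if (is_array($data) && isset($data[$field]) && is_array($data[$field])
            && isset($data[$field][$key]) && is_scalar($data[$field][$key])) {
            return (string) $data[$field][$key];
        }
        return '';
    }

    /**
     * Row keys of every stored entry that has a non-empty URL.
     *
     * @param mixed $data Stored meta value.
     * @return array
     */
    private function stored_row_keys($data) {
        if (!is_array($data) || !isset($data['file_url']) || !is_array($data['file_url'])) {
            return array();
        }
        return array_keys(array_filter($data['file_url']));
    }

    /**
     * Activation hook: create uploads/user-files/ and deny direct web access to it.
     *
     * The .htaccess file is written only when none exists, so a hand-edited one
     * is never overwritten. Its directives are honoured by Apache only; any
     * other web server ignores .htaccess and needs an equivalent deny rule in
     * its own configuration, otherwise stored files stay reachable by URL.
     */
    public function activation() {
        $baseDir = WP_CONTENT_DIR . '/uploads/user-files/';
        wp_mkdir_p($baseDir);

        $filename = $baseDir . '.htaccess';
        if (file_exists($filename)) {
            return;
        }

        // "Deny from all" is Apache 2.2 syntax that 2.4 only understands with
        // mod_access_compat loaded, so emit the form the running server supports.
        $rules = "Options -Indexes\n"
            . "<IfModule mod_authz_core.c>\n"
            . "Require all denied\n"
            . "</IfModule>\n"
            . "<IfModule !mod_authz_core.c>\n"
            . "Deny from all\n"
            . "</IfModule>\n";

        if (file_put_contents($filename, $rules) === false) {
            die("Error: Unable to create .htaccess file");
        }
    }

    /**
     * 'upload_dir' filter: send uploads made from the user-edit screen to user-files/<user id>.
     *
     * The target user id is read from the Referer query string, which the
     * client controls. It is therefore accepted only when it is a plain
     * positive integer (so it cannot change the directory path) and when the
     * current user may edit that user.
     *
     * @param array $upload Upload directory data supplied by WordPress.
     * @return array The same array, with subdir/path/url rewritten when the request qualifies.
     */
    public function user_upload_files_dir($upload) {
        if ($this->referer_page() != "user-edit.php") {
            return $upload;
        }
        if ($this->request_script() != "async-upload.php") {
            return $upload;
        }

        $query_string = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_QUERY);
        $get = array();
        if (is_string($query_string)) {
            parse_str($query_string, $get);
        }

        $user_id = (isset($get['user_id']) && is_string($get['user_id'])) ? $get['user_id'] : '';
        if (!preg_match('/\A[1-9][0-9]*\z/', $user_id)) {
            return $upload;
        }
        if (!current_user_can('edit_user', (int) $user_id)) {
            return $upload;
        }

        $baseDir = WP_CONTENT_DIR . '/uploads/user-files/';
        $baseUrl = WP_CONTENT_URL . '/uploads/user-files/';
        $upload['subdir'] = $user_id;
        $upload['path'] = $baseDir . $upload['subdir'];
        $upload['url'] = $baseUrl . $upload['subdir'];

        return $upload;
    }

    /**
     * Enqueue the admin stylesheet and scripts, on the user-edit screen only.
     */
    public function enqueue() {
        global $pagenow;
        if ($pagenow != "user-edit.php")
            return;
        // Enqueue styles
        wp_enqueue_style('bhuufu_admin_styles', BHUUFU_URL . '/assets/css/admin_styles.css');
        // Enqueue scripts
        wp_enqueue_script('jquery');
        wp_enqueue_script('bhuufu_repeatable-fields.js', BHUUFU_URL . '/assets/js/repeatable-fields.js');
        wp_enqueue_script('bhuufu_admin_script', BHUUFU_URL . 'assets/js/stb_admin.js');
        // Hook to add/remove files
        do_action('BHUUFU/assets/enqueue');
    }

    /**
     * 'the_posts' filter: load the front-end stylesheet when a queried post contains the shortcode.
     *
     * @param array $posts Posts returned by the query.
     * @return array $posts, unchanged.
     */
    public function conditionally_add_scripts_and_styles($posts) {

        if (empty($posts))
            return $posts;

        foreach ($posts as $post) {
            if (stripos($post->post_content, '[list_user_files]') !== false) {
                wp_enqueue_style('user-upload-css', BHUUFU_URL . 'assets/css/styles.css');
                break;
            }
        }

        return $posts;
    }

    /**
     * Print one row of the repeatable file table with every value attribute-escaped.
     *
     * @param array  $row           Map of field name => stored value; missing fields render empty.
     * @param string $tr_attributes Literal attribute string for the <tr>; pass constants only.
     */
    private function render_file_row($row, $tr_attributes = '') {
        $input = '<input type="%1$s" name="bhuufu-user-uploads[%2$s_tmp][]" class="medium-text %2$s" value="%3$s" />';

        $html = "\n<tr" . $tr_attributes . ">\n";
        foreach (array('file_url', 'file_name', 'file_description') as $field) {
            $value = isset($row[$field]) ? $row[$field] : '';
            $html .= '<td>' . sprintf($input, 'text', $field, esc_attr($value)) . "</td>\n";
        }
        $html .= "<td>\n";
        foreach (array('file_id', 'file_oname', 'file_mime') as $field) {
            $value = isset($row[$field]) ? $row[$field] : '';
            $html .= sprintf($input, 'hidden', $field, esc_attr($value)) . "\n";
        }
        $html .= '<input class="button _unique_name_button" name="_unique_name_button" value="Select File" />' . "\n";
        $html .= '<img alt="Remove Row" class="ff-remove-row" src="' . esc_url(BHUUFU_URL . 'assets/images/remove.png') . '">' . "\n";
        $html .= "</td>\n</tr>";

        echo $html;
    }

    /**
     * 'edit_user_profile' action: render the repeatable "File Uploads" table for a user.
     *
     * Stored values are escaped before being placed in value="" attributes, so
     * a name or description containing quotes or markup cannot break out of
     * the input element.
     *
     * @param object $user User being edited; only ->ID is read.
     */
    function add_user_file_upload_fields($user) {
        $bhu_uufef = get_user_meta($user->ID, 'user_file_uploads', true);
        $row_keys = $this->stored_row_keys($bhu_uufef);
        wp_enqueue_media();
        ?>
        <h3><?php _e('File Uploads', 'wpcf7'); ?></h3>
        <div class="ff-repeatable">
            <table>
                <thead>
                    <tr>
                        <th><?php _e('Url', 'wpcf7'); ?></th>
                        <th><?php _e('Name', 'wpcf7'); ?></th>
                        <th><?php _e('Decsription', 'wpcf7'); ?></th>
                        <th><img alt="Add Row" class="ff-add-row" src="<?php echo esc_url(BHUUFU_URL . 'assets/images/add.png'); ?>"></th>
                    </tr>
                </thead>
                <tbody>
                    <?php
                    // Empty template row (class ff-add-template), presumably cloned by repeatable-fields.js.
                    $this->render_file_row(array(), ' class="ff-add-template" style=""');

                    if ($row_keys) {
                        foreach ($row_keys as $key) {
                            $row = array();
                            foreach (self::$file_fields as $field) {
                                $row[$field] = $this->stored_value($bhu_uufef, $field, $key);
                            }
                            $this->render_file_row($row);
                        }
                    } else {
                        // Nothing stored yet: offer a single blank row.
                        $this->render_file_row(array());
                    }
                    ?>
                </tbody>
            </table>
        </div>
        <?php
    }

    /**
     * 'edit_user_profile_update' action: persist the posted file rows for a user.
     *
     * Only the six known fields are kept, each normalised for its type, and the
     * write is refused unless the current user may edit the target user.
     *
     * Every table row submits seven request variables (six fields plus the
     * select button), so PHP's max_input_vars setting bounds how many rows can
     * arrive here at all; variables past the limit are discarded before this
     * method runs. NOTE(review): a list that stops growing at a fixed size is
     * consistent with that limit - confirm against the server configuration.
     *
     * @param int $user_id User whose meta is being saved.
     */
    public function save_user_file_upload_fields($user_id) {
        if (!current_user_can('edit_user', $user_id)) {
            return;
        }

        $posted = (isset($_POST['bhuufu-user-uploads']) && is_array($_POST['bhuufu-user-uploads']))
            ? wp_unslash($_POST['bhuufu-user-uploads'])
            : array();
        $urls = (isset($posted['file_url_tmp']) && is_array($posted['file_url_tmp']))
            ? $posted['file_url_tmp']
            : array();

        $clean = array();
        foreach ($urls as $key => $url) {
            // Rows without a URL (including the blank template row) are dropped.
            if (!is_string($url) || empty($url)) {
                continue;
            }
            $clean_url = esc_url_raw(trim($url));
            if ($clean_url === '') {
                continue;
            }
            $clean['file_url'][] = $clean_url;
            $clean['file_name'][] = sanitize_text_field($this->stored_value($posted, 'file_name_tmp', $key));
            $clean['file_description'][] = sanitize_text_field($this->stored_value($posted, 'file_description_tmp', $key));
            $clean['file_id'][] = absint($this->stored_value($posted, 'file_id_tmp', $key));
            $clean['file_oname'][] = sanitize_text_field($this->stored_value($posted, 'file_oname_tmp', $key));
            $clean['file_mime'][] = sanitize_mime_type($this->stored_value($posted, 'file_mime_tmp', $key));
        }

        if (empty($clean)) {
            delete_user_meta($user_id, 'user_file_uploads');
            return;
        }

        // update_user_meta() unslashes its value, so re-slash the already clean data.
        update_user_meta($user_id, 'user_file_uploads', wp_slash($clean));
    }

    /**
     * AJAX 'deletefile': delete an attachment and drop it from a user's file list.
     *
     * Both ids come from the request, so the caller must be allowed to edit
     * the target user and to delete that attachment before anything happens.
     * NOTE(review): no nonce is verified because the admin script that calls
     * this endpoint is not visible here; once it sends one, verify it with
     * check_ajax_referer() at the top of this method.
     *
     * Prints {"status":"sucess"} or {"status":"fail"} and exits. The spelling
     * of "sucess" is kept as-is in case the calling script matches on it.
     */
    public function deletefile() {
        $result = array('status' => "fail");

        $file_id = (isset($_REQUEST["file_id"]) && is_scalar($_REQUEST["file_id"])) ? absint($_REQUEST["file_id"]) : 0;
        $user_id = (isset($_REQUEST["user_id"]) && is_scalar($_REQUEST["user_id"])) ? absint($_REQUEST["user_id"]) : 0;

        $allowed = $file_id && $user_id
            && current_user_can('edit_user', $user_id)
            && current_user_can('delete_post', $file_id);

        if ($allowed) {
            $is_deleted = wp_delete_attachment($file_id);
            if ($is_deleted && !empty($is_deleted->ID)) {
                $this->forget_file($user_id, $file_id);
                $result['status'] = "sucess";
            }
        }

        echo json_encode($result);

        exit;
    }

    /**
     * Remove one file id from a user's stored list; no-op when the id is not listed.
     *
     * The explicit "not found" check matters: using a failed search result as
     * an array key would address index 0 and silently remove the first entry.
     *
     * @param int $user_id
     * @param int $file_id
     */
    private function forget_file($user_id, $file_id) {
        $bhu_uufef = get_user_meta($user_id, 'user_file_uploads', true);
        if (!is_array($bhu_uufef) || !isset($bhu_uufef['file_id']) || !is_array($bhu_uufef['file_id'])) {
            return;
        }

        $found = false;
        $key = null;
        foreach ($bhu_uufef['file_id'] as $candidate => $stored_id) {
            if (is_scalar($stored_id) && (string) $stored_id === (string) $file_id) {
                $found = true;
                $key = $candidate;
                break;
            }
        }
        if (!$found) {
            return;
        }

        foreach (self::$file_fields as $field) {
            if (isset($bhu_uufef[$field]) && is_array($bhu_uufef[$field])) {
                unset($bhu_uufef[$field][$key]);
            }
        }
        update_user_meta($user_id, 'user_file_uploads', wp_slash($bhu_uufef));
    }

    /**
     * [list_user_files] shortcode: the download table for the logged-in user,
     * or one of the login / lost-password / reset-password forms for visitors.
     *
     * File names, descriptions and the login name are HTML-escaped on output.
     * Each download link carries a nonce bound to the file id.
     * NOTE(review): download.php is not visible here; it has to verify that
     * nonce and that the requested id is in the requesting user's own list.
     *
     * @return string|null Table HTML when logged in; otherwise the included
     *                     form prints directly and nothing is returned.
     */
    public function user_uploaded_files_list() {
        if (!is_user_logged_in()) {
            // The request value only selects among fixed include paths.
            $form = isset($_REQUEST['form']) ? $_REQUEST['form'] : '';
            switch ($form) {
                case 'lostpassword':
                    include_once BHUUFU_PATH . '/includes/user/forms/lostpassword-form.php';
                    break;
                case 'resetpassword':
                    include_once BHUUFU_PATH . '/includes/user/forms/restpassword-form.php';
                    break;
                default:
                    include_once BHUUFU_PATH . '/includes/user/forms/login-form.php';
                    break;
            }
            return;
        }

        $current_user = wp_get_current_user();
        $bhu_uufef = get_user_meta($current_user->ID, 'user_file_uploads', true);
        $row_keys = $this->stored_row_keys($bhu_uufef);

        if ($row_keys) {
            $output = "<tr>\n<th>SN#</th>\n<th>File name</th>\n<th>Description</th>\n<th>Size</th>\n<th>Download</th>\n</tr>\n";
            $count = 1;
            foreach ($row_keys as $key) {
                $file_id = absint($this->stored_value($bhu_uufef, 'file_id', $key));
                $wpnonce = wp_create_nonce("bhu_" . $file_id);

                // The attachment may have been removed since the list was saved.
                $path = $file_id ? get_attached_file($file_id) : false;
                $size = ($path && is_file($path)) ? size_format(filesize($path)) : '';

                $href = BHUUFU_URL . 'download.php?id=' . $file_id . '&wpnonce=' . $wpnonce;
                // NOTE(review): the icon below is fetched over plain HTTP from a fixed
                // external host; bundling it with the plugin would avoid that dependency.
                $download_link = "<a href='" . esc_url($href) . "' title='Download' target='_blank' rel='noopener noreferrer' class='small-btn'><img alt='Download' class='ff-add-row' src='http://www.rcmfire.com/wp-content/uploads/2014/10/download.png'></a>";

                $class = ($count & 1) ? 'odd' : 'even';
                $output .= '<tr class="' . $class . '">' . "\n"
                    . '<td>' . $count . "</td>\n"
                    . '<td>' . esc_html($this->stored_value($bhu_uufef, 'file_name', $key)) . "</td>\n"
                    . '<td>' . esc_html($this->stored_value($bhu_uufef, 'file_description', $key)) . "</td>\n"
                    . '<td>' . esc_html((string) $size) . "</td>\n"
                    . '<td>' . $download_link . "</td>\n"
                    . "</tr>\n";
                $count++;
            }
        } else {
            $output = "<tr><td colspan='5'><p>No current uploads</p></td></tr>";
        }

        $logout_url = '<a href="' . wp_logout_url(home_url()) . '" title="Logout">Logout</a>';
        $table = '<table width="100%">' . "\n"
            . "<thead>\n<tr>\n"
            . '<td colspan="4">Welcome ' . esc_html($current_user->user_login) . "</td>\n"
            . '<td>' . $logout_url . "</td>\n"
            . "</tr>\n</thead>\n"
            . "<tbody>\n" . $output . "\n</tbody>\n"
            . '</table>';

        return "<div class='user-download-files' >" . $table . "</div>";
    }

    /**
     * 'template_redirect' action: run the login, lost-password or reset-password processor.
     *
     * Runs on every front-end request; without a recognised 'do_process'
     * value the login processor is included. The request value only selects
     * among fixed include paths.
     */
    public function template_redirect() {
        $do_process = isset($_REQUEST['do_process']) ? $_REQUEST['do_process'] : '';
        switch ($do_process) {
            case 'lostpassword':
                include_once BHUUFU_PATH . '/includes/user/process/lostpassword-process.php';
                break;
            case 'resetpassword':
                include_once BHUUFU_PATH . '/includes/user/process/resetpassword-process.php';
                break;
            default:
                include_once BHUUFU_PATH . '/includes/user/process/login-process.php';
                break;
        }
    }

    /**
     * Look up the user matching a password-reset key and login.
     *
     * NOTE(review): WordPress core stores the reset key hashed in
     * user_activation_key, so an exact-match lookup like this one can only
     * succeed if whatever issues the key writes it unhashed. The code that
     * issues keys is not visible here - confirm, and prefer core's
     * check_password_reset_key(), which also handles key expiry.
     *
     * @param string $key   Reset key from the request; non-alphanumerics are stripped.
     * @param string $login User login name.
     * @return object|WP_Error Row from the users table, or WP_Error('invalid_key').
     */
    public static function check_password_reset_key($key, $login) {
        global $wpdb;

        if (!is_string($key) || empty($login) || !is_string($login))
            return new WP_Error('invalid_key', __('Invalid key'));

        $key = preg_replace('/[^a-z0-9]/i', '', $key);
        if (empty($key))
            return new WP_Error('invalid_key', __('Invalid key'));

        $user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE user_activation_key = %s AND user_login = %s", $key, $login));

        if (empty($user))
            return new WP_Error('invalid_key', __('Invalid key'));

        return $user;
    }

    /**
     * Set a new password for the given user.
     *
     * @param object $user     User whose ->ID is used.
     * @param string $new_pass New plaintext password.
     */
    public static function reset_password($user, $new_pass) {

        wp_set_password($new_pass, $user->ID);
    }

    /**
     * AJAX 'query-attachments' override used while the media modal is opened from user-edit.php.
     *
     * Restricts the query to a fixed set of keys and, for users who can read
     * private posts, to attachments whose status is 'private'. Requests from
     * any other screen fall through to the default handler.
     */
    public function change_media_display() {
        if ($this->referer_page() != "user-edit.php" || $this->request_script() != "admin-ajax.php") {
            return;
        }

        if (!current_user_can('upload_files'))
            wp_send_json_error();

        $query = isset($_REQUEST['query']) ? (array) $_REQUEST['query'] : array();
        // Allow-list of query variables the client may set.
        $query = array_intersect_key($query, array_flip(array(
            's', 'order', 'orderby', 'posts_per_page', 'paged', 'post_mime_type',
            'post_parent', 'post__in', 'post__not_in',
        )));

        $query['post_type'] = 'attachment';
        if (current_user_can(get_post_type_object('attachment')->cap->read_private_posts))
            $query['post_status'] = 'private';

        /**
         * Filter the arguments passed to WP_Query during an AJAX call for querying attachments.
         *
         * @since 3.7.0
         *
         * @param array $query An array of query variables. @see WP_Query::parse_query()
         */
        $query = apply_filters('ajax_query_attachments_args', $query);
        $query = new WP_Query($query);

        $posts = array_map('wp_prepare_attachment_for_js', $query->posts);
        $posts = array_filter($posts);
        wp_send_json_success($posts);
    }

    /**
     * 'wp_prepare_attachment_for_js' filter, active while the Referer is user-edit.php.
     *
     * Reports image attachments with type "images" and switches attachments
     * that are still 'inherit' to 'private'. Both conditions are comparisons:
     * with an assignment in their place every attachment was retyped and
     * rewritten on each call, whatever its type or status.
     * NOTE(review): this applies to every attachment prepared on that screen,
     * not only to files uploaded for the user being edited.
     *
     * @param array  $response   Attachment data prepared for JavaScript.
     * @param object $attachment Attachment post object.
     * @param mixed  $meta       Attachment metadata (unused).
     * @return array The possibly modified response.
     */
    public function change_upload_media_display($response, $attachment, $meta) {
        if ($this->referer_page() != "user-edit.php") {
            return $response;
        }

        if (isset($response['type']) && $response['type'] === "image")
            $response['type'] = "images";

        if ($attachment->post_status === "inherit") {
            $attachment_change = array('ID' => $attachment->ID, 'post_status' => 'private');
            wp_update_post($attachment_change);
        }

        return $response;
    }

}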

// Instantiate once at load time; the constructor registers all plugin hooks.
new Bhuppu_Admin();