/**
 * Split topic handler
 *
 * Handles the front end split topic submission
 *
 * @since bbPress (r2756)
 *
 * @param string $action The requested action to compare this function to
 * @uses bbp_add_error() To add an error message
 * @uses bbp_get_reply() To get the reply
 * @uses bbp_get_topic() To get the topics
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses current_user_can() To check if the current user can edit the topics
 * @uses bbp_get_topic_post_type() To get the topic post type
 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
 * @uses do_action() Calls 'bbp_pre_split_topic' with the from reply id, source
 *                    and destination topic ids
 * @uses bbp_get_topic_subscribers() To get the source topic subscribers
 * @uses bbp_add_user_subscription() To add the user subscription
 * @uses bbp_get_topic_favoriters() To get the source topic favoriters
 * @uses bbp_add_user_favorite() To add the user favorite
 * @uses wp_get_post_terms() To get the source topic tags
 * @uses wp_set_post_terms() To set the topic tags
 * @uses bbp_get_reply_post_type() To get the reply post type
 * @uses wpdb::prepare() To prepare our sql query
 * @uses wpdb::get_results() To execute the sql query and get results
 * @uses wp_update_post() To update the replies
 * @uses bbp_update_reply_topic_id() To update the reply topic id
 * @uses bbp_get_topic_forum_id() To get the topic forum id
 * @uses bbp_update_reply_forum_id() To update the reply forum id
 * @uses do_action() Calls 'bbp_split_topic_reply' with the reply id and
 *                    destination topic id
 * @uses bbp_update_topic_last_reply_id() To update the topic last reply id
 * @uses bbp_update_topic_last_active_time() To update the topic last active meta
 * @uses do_action() Calls 'bbp_post_split_topic' with the destination and
 *                    source topic ids and source topic's forum id
 * @uses bbp_get_topic_permalink() To get the topic permalink
 * @uses wp_safe_redirect() To redirect to the topic link
 */
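function bbp_split_topic_handler($action = '')
{
    // Bail if action is not 'bbp-split-topic'
    if ('bbp-split-topic' !== $action) {
        return;
    }
    global $wpdb;
    // Prevent debug notices
    $from_reply_id = $destination_topic_id = 0;
    $destination_topic_title = '';
    $destination_topic = $from_reply = $source_topic = '';
    $split_option = false;
    $reply_position = 0;
    // Every precondition below (reply and topic exist, nonce, capability on
    // the source topic) returns on failure. The 'reply' split option writes to
    // the database while the request is still being validated, so a rejected
    // request must never be allowed to reach that point.
    /** Split Reply ***********************************************************/
    if (empty($_POST['bbp_reply_id'])) {
        bbp_add_error('bbp_split_topic_reply_id', __('<strong>ERROR</strong>: Reply ID to split the topic from not found!', 'bbpress'));
        return;
    }
    $from_reply_id = (int) $_POST['bbp_reply_id'];
    $from_reply = bbp_get_reply($from_reply_id);
    // Reply must exist: the source topic, the nonce action and the capability
    // checks are all derived from it
    if (empty($from_reply)) {
        bbp_add_error('bbp_split_topic_r_not_found', __('<strong>ERROR</strong>: The reply you want to split from was not found.', 'bbpress'));
        return;
    }
    /** Topic to Split ********************************************************/
    // Get the topic being split
    $source_topic = bbp_get_topic($from_reply->post_parent);
    // No topic
    if (empty($source_topic)) {
        bbp_add_error('bbp_split_topic_source_not_found', __('<strong>ERROR</strong>: The topic you want to split was not found.', 'bbpress'));
        return;
    }
    // Nonce check failed (the nonce action is bound to the source topic ID)
    if (!bbp_verify_nonce_request('bbp-split-topic_' . $source_topic->ID)) {
        bbp_add_error('bbp_split_topic_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }
    // User cannot edit the source topic: stop here, nothing below may run
    if (!current_user_can('edit_topic', $source_topic->ID)) {
        bbp_add_error('bbp_split_topic_source_permission', __('<strong>ERROR</strong>: You do not have the permissions to edit the source topic.', 'bbpress'));
        return;
    }
    // How to Split (a non-string value, e.g. an array parameter, is treated as missing)
    if (!empty($_POST['bbp_topic_split_option']) && is_string($_POST['bbp_topic_split_option'])) {
        $split_option = trim($_POST['bbp_topic_split_option']);
    }
    // Invalid split option; strict comparison accepts only the two literal strings
    if (empty($split_option) || !in_array($split_option, array('existing', 'reply'), true)) {
        bbp_add_error('bbp_split_topic_option', __('<strong>ERROR</strong>: You need to choose a valid split option.', 'bbpress'));
        // Valid Split Option
    } else {
        // What kind of split
        switch ($split_option) {
            // Into an existing topic
            case 'existing':
                // Get destination topic id
                if (empty($_POST['bbp_destination_topic'])) {
                    bbp_add_error('bbp_split_topic_destination_id', __('<strong>ERROR</strong>: Destination topic ID not found!', 'bbpress'));
                } else {
                    $destination_topic_id = (int) $_POST['bbp_destination_topic'];
                }
                // Get the destination topic
                $destination_topic = bbp_get_topic($destination_topic_id);
                // No destination topic
                if (empty($destination_topic)) {
                    bbp_add_error('bbp_split_topic_destination_not_found', __('<strong>ERROR</strong>: The topic you want to split to was not found!', 'bbpress'));
                    // User cannot edit the destination topic (only checked once the topic is known to exist)
                } elseif (!current_user_can('edit_topic', $destination_topic->ID)) {
                    bbp_add_error('bbp_split_topic_destination_permission', __('<strong>ERROR</strong>: You do not have the permissions to edit the destination topic!', 'bbpress'));
                }
                break;
            // Split at reply into a new topic
            case 'reply':
            default:
                // User needs to be able to publish topics
                if (!current_user_can('publish_topics')) {
                    bbp_add_error('bbp_split_topic_destination_permission', __('<strong>ERROR</strong>: You do not have the permissions to create new topics. The reply could not be converted into a topic.', 'bbpress'));
                    // The conversion below is a write; skip it if any error is already
                    // recorded so a failing request leaves the reply untouched
                } elseif (!bbp_has_errors()) {
                    // Use the new title that was passed
                    if (!empty($_POST['bbp_topic_split_destination_title']) && is_string($_POST['bbp_topic_split_destination_title'])) {
                        $destination_topic_title = esc_attr(strip_tags($_POST['bbp_topic_split_destination_title']));
                        // Use the source topic title
                    } else {
                        $destination_topic_title = $source_topic->post_title;
                    }
                    // Update the topic
                    $destination_topic_id = wp_update_post(array('ID' => $from_reply->ID, 'post_title' => $destination_topic_title, 'post_name' => false, 'post_type' => bbp_get_topic_post_type(), 'post_parent' => $source_topic->post_parent, 'menu_order' => 0, 'guid' => ''));
                    $destination_topic = bbp_get_topic($destination_topic_id);
                    // Make sure the new topic knows its a topic
                    bbp_update_topic_topic_id($from_reply->ID);
                    // Shouldn't happen
                    if (false === $destination_topic_id || is_wp_error($destination_topic_id) || empty($destination_topic)) {
                        bbp_add_error('bbp_split_topic_destination_reply', __('<strong>ERROR</strong>: There was a problem converting the reply into the topic. Please try again.', 'bbpress'));
                    }
                }
                break;
        }
    }
    // Bail if there are errors
    if (bbp_has_errors()) {
        return;
    }
    /** No Errors - Do the Split **********************************************/
    // Update counts, etc...
    do_action('bbp_pre_split_topic', $from_reply->ID, $source_topic->ID, $destination_topic->ID);
    /** Date Check ************************************************************/
    // Check if the destination topic is older than the from reply
    if (strtotime($from_reply->post_date) < strtotime($destination_topic->post_date)) {
        // Set destination topic post_date to 1 second before from reply
        $destination_post_date = date('Y-m-d H:i:s', strtotime($from_reply->post_date) - 1);
        // Update destination topic
        wp_update_post(array('ID' => $destination_topic_id, 'post_date' => $destination_post_date, 'post_date_gmt' => get_gmt_from_date($destination_post_date)));
    }
    /** Subscriptions *********************************************************/
    // Copy the subscribers
    if (!empty($_POST['bbp_topic_subscribers']) && "1" === $_POST['bbp_topic_subscribers'] && bbp_is_subscriptions_active()) {
        // Get the subscribers
        $subscribers = bbp_get_topic_subscribers($source_topic->ID);
        if (!empty($subscribers)) {
            // Add subscribers to new topic
            foreach ((array) $subscribers as $subscriber) {
                bbp_add_user_subscription($subscriber, $destination_topic->ID);
            }
        }
    }
    /** Favorites *************************************************************/
    // Copy the favoriters if told to
    if (!empty($_POST['bbp_topic_favoriters']) && "1" === $_POST['bbp_topic_favoriters']) {
        // Get the favoriters
        $favoriters = bbp_get_topic_favoriters($source_topic->ID);
        if (!empty($favoriters)) {
            // Add the favoriters to new topic
            foreach ((array) $favoriters as $favoriter) {
                bbp_add_user_favorite($favoriter, $destination_topic->ID);
            }
        }
    }
    /** Tags ******************************************************************/
    // Copy the tags if told to
    if (!empty($_POST['bbp_topic_tags']) && "1" === $_POST['bbp_topic_tags']) {
        // Get the source topic tags
        $source_topic_tags = wp_get_post_terms($source_topic->ID, bbp_get_topic_tag_tax_id(), array('fields' => 'names'));
        if (!empty($source_topic_tags)) {
            wp_set_post_terms($destination_topic->ID, $source_topic_tags, bbp_get_topic_tag_tax_id(), true);
        }
    }
    /** Split Replies *********************************************************/
    // get_posts() is not used because it doesn't allow us to use '>='
    // comparison without a filter. All three values are bound through
    // $wpdb->prepare(); only the posts table name is interpolated.
    $replies = (array) $wpdb->get_results($wpdb->prepare("SELECT * FROM {$wpdb->posts} WHERE {$wpdb->posts}.post_date >= %s AND {$wpdb->posts}.post_parent = %d AND {$wpdb->posts}.post_type = %s ORDER BY {$wpdb->posts}.post_date ASC", $from_reply->post_date, $source_topic->ID, bbp_get_reply_post_type()));
    // Make sure there are replies to loop through
    if (!empty($replies) && !is_wp_error($replies)) {
        // Calculate starting point for reply positions
        switch ($split_option) {
            // Get topic reply count for existing topic
            case 'existing':
                $reply_position = bbp_get_topic_reply_count($destination_topic->ID);
                break;
            // Account for new lead topic
            case 'reply':
                $reply_position = 1;
                break;
        }
        // Save reply ids
        $reply_ids = array();
        // Change the post_parent of each reply to the destination topic id
        foreach ($replies as $reply) {
            // Bump the reply position each iteration through the loop
            $reply_position++;
            // Update the reply
            wp_update_post(array('ID' => $reply->ID, 'post_title' => sprintf(__('Reply To: %s', 'bbpress'), $destination_topic->post_title), 'post_name' => false, 'post_parent' => $destination_topic->ID, 'menu_order' => $reply_position, 'guid' => ''));
            // Gather reply ids
            $reply_ids[] = $reply->ID;
            // Adjust reply meta values
            bbp_update_reply_topic_id($reply->ID, $destination_topic->ID);
            bbp_update_reply_forum_id($reply->ID, bbp_get_topic_forum_id($destination_topic->ID));
            // Adjust reply to values
            $reply_to = bbp_get_reply_to($reply->ID);
            // Not a reply to a reply that moved over. The comparison is left
            // loose on purpose: the row IDs collected above and the value
            // returned by bbp_get_reply_to() are not guaranteed to share a type.
            if (!in_array($reply_to, $reply_ids)) {
                bbp_update_reply_to($reply->ID, 0);
            }
            // New topic from reply can't be a reply to
            if ($from_reply->ID === $destination_topic->ID && $from_reply->ID === $reply_to) {
                bbp_update_reply_to($reply->ID, 0);
            }
            // Do additional actions per split reply
            do_action('bbp_split_topic_reply', $reply->ID, $destination_topic->ID);
        }
        // Remove reply to from new topic
        if ($from_reply->ID === $destination_topic->ID) {
            delete_post_meta($from_reply->ID, '_bbp_reply_to');
        }
        // Set the last reply ID and freshness ($reply still holds the last row of the loop)
        $last_reply_id = $reply->ID;
        $freshness = $reply->post_date;
        // Set the last reply ID and freshness to the from_reply
    } else {
        $last_reply_id = $from_reply->ID;
        $freshness = $from_reply->post_date;
    }
    // It is a new topic and we need to set some default metas to make
    // the topic display in bbp_has_topics() list
    if ('reply' === $split_option) {
        bbp_update_topic_last_reply_id($destination_topic->ID, $last_reply_id);
        bbp_update_topic_last_active_id($destination_topic->ID, $last_reply_id);
        bbp_update_topic_last_active_time($destination_topic->ID, $freshness);
    }
    // Update source topic ID last active
    bbp_update_topic_last_reply_id($source_topic->ID);
    bbp_update_topic_last_active_id($source_topic->ID);
    bbp_update_topic_last_active_time($source_topic->ID);
    /** Successful Split ******************************************************/
    // Update counts, etc...
    do_action('bbp_post_split_topic', $from_reply->ID, $source_topic->ID, $destination_topic->ID);
    // Redirect back to the topic
    wp_safe_redirect(bbp_get_topic_permalink($destination_topic->ID));
    // For good measure
    exit;
}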
/**
 * Display possible errors & messages inside a template file
 *
 * @since bbPress (r2688)
 *
 * @uses WP_Error bbPress::errors::get_error_codes() To get the error codes
 * @uses WP_Error bbPress::errors::get_error_data() To get the error data
 * @uses WP_Error bbPress::errors::get_error_messages() To get the error
 *                                                       messages
 * @uses is_wp_error() To check if it's a {@link WP_Error}
 */
function bbp_template_notices()
{
    // Nothing queued, nothing to print
    if (!bbp_has_errors()) {
        return;
    }
    // Notices grouped by the CSS class suffix of the box they are printed in.
    // Array order is output order: errors first, plain messages last.
    $boxes = array(' error' => array(), '' => array());
    $plugin = bbpress();
    foreach ($plugin->errors->get_error_codes() as $code) {
        // A code whose data is 'message' is informational; anything else is an error
        $suffix = 'message' == $plugin->errors->get_error_data($code) ? '' : ' error';
        foreach ($plugin->errors->get_error_messages($code) as $text) {
            $boxes[$suffix][] = $text;
        }
    }
    // NOTE: the texts are echoed as raw HTML (the stock messages rely on
    // <strong> markup), so any dynamic value placed into a notice has to be
    // escaped by whoever builds the message.
    foreach ($boxes as $suffix => $texts) {
        if (empty($texts)) {
            continue;
        }
        ?>

		<div class="bbp-template-notice<?php echo $suffix; ?>">
			<p>
				<?php 
        echo implode("</p>\n<p>", $texts);
        ?>
			</p>
		</div>

	<?php 
    }
}
/**
 * Handles the front end edit forum submission
 *
 * @param string $action The requested action to compare this function to
 * @uses bbPress:errors::add() To log various error messages
 * @uses bbp_get_forum() To get the forum
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses bbp_is_forum_anonymous() To check if forum is by an anonymous user
 * @uses current_user_can() To check if the current user can edit the forum
 * @uses bbp_filter_anonymous_post_data() To filter anonymous data
 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
 * @uses esc_attr() For sanitization
 * @uses bbp_is_forum_category() To check if the forum is a category
 * @uses bbp_is_forum_closed() To check if the forum is closed
 * @uses bbp_is_forum_private() To check if the forum is private
 * @uses remove_filter() To remove kses filters if needed
 * @uses apply_filters() Calls 'bbp_edit_forum_pre_title' with the title and
 *                        forum id
 * @uses apply_filters() Calls 'bbp_edit_forum_pre_content' with the content
 *                        and forum id
 * @uses bbPress::errors::get_error_codes() To get the {@link WP_Error} errors
 * @uses wp_save_post_revision() To save a forum revision
 * @uses bbp_update_forum_revision_log() To update the forum revision log
 * @uses wp_update_post() To update the forum
 * @uses do_action() Calls 'bbp_edit_forum' with the forum id, forum id,
 *                    anonymous data and reply author
 * @uses bbp_move_forum_handler() To handle movement of a forum from one forum
 *                                 to another
 * @uses bbp_get_forum_permalink() To get the forum permalink
 * @uses wp_safe_redirect() To redirect to the forum link
 * @uses bbPress::errors::get_error_messages() To get the {@link WP_Error} error
 *                                              messages
 */
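function bbp_edit_forum_handler($action = '')
{
    // Bail if action is not bbp-edit-forum
    if ('bbp-edit-forum' !== $action) {
        return;
    }
    // Define local variable(s)
    $anonymous_data = array();
    $forum = $forum_id = $forum_parent_id = 0;
    $forum_title = $forum_content = $forum_edit_reason = '';
    /** Forum *****************************************************************/
    // Forum id was not passed
    if (empty($_POST['bbp_forum_id'])) {
        bbp_add_error('bbp_edit_forum_id', __('<strong>ERROR</strong>: Forum ID not found.', 'bbpress'));
        return;
        // Forum id was passed
    } elseif (is_numeric($_POST['bbp_forum_id'])) {
        $forum_id = (int) $_POST['bbp_forum_id'];
        $forum = bbp_get_forum($forum_id);
    }
    // Request gate, in order: nonce bound to the forum ID, forum exists,
    // caller may edit it. Each failure returns before anything is changed.
    if (!bbp_verify_nonce_request('bbp-edit-forum_' . $forum_id)) {
        bbp_add_error('bbp_edit_forum_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
        // Forum does not exist
    } elseif (empty($forum)) {
        bbp_add_error('bbp_edit_forum_not_found', __('<strong>ERROR</strong>: The forum you want to edit was not found.', 'bbpress'));
        return;
        // User cannot edit this forum
    } elseif (!current_user_can('edit_forum', $forum_id)) {
        bbp_add_error('bbp_edit_forum_permissions', __('<strong>ERROR</strong>: You do not have permission to edit that forum.', 'bbpress'));
        return;
    }
    // Remove kses filters from title and content for capable users and if the
    // nonce is verified. This switches HTML filtering off, so the submitted
    // token is accepted only when it is a string and is compared with
    // hash_equals(), which does not leak the position of the first mismatch.
    $unfiltered_nonce = isset($_POST['_bbp_unfiltered_html_forum']) ? $_POST['_bbp_unfiltered_html_forum'] : '';
    if (current_user_can('unfiltered_html') && is_string($unfiltered_nonce) && '' !== $unfiltered_nonce && hash_equals((string) wp_create_nonce('bbp-unfiltered-html-forum_' . $forum_id), $unfiltered_nonce)) {
        remove_filter('bbp_edit_forum_pre_title', 'wp_filter_kses');
        remove_filter('bbp_edit_forum_pre_content', 'bbp_encode_bad', 10);
        remove_filter('bbp_edit_forum_pre_content', 'bbp_filter_kses', 30);
    }
    /** Forum Parent ***********************************************************/
    // Forum parent id was passed
    if (!empty($_POST['bbp_forum_parent_id'])) {
        $forum_parent_id = bbp_get_forum_id($_POST['bbp_forum_parent_id']);
    }
    // Current forum this forum is in
    $current_parent_forum_id = bbp_get_forum_parent_id($forum_id);
    // A new parent was requested: the caller must be allowed to use it
    if (!empty($forum_parent_id) && $forum_parent_id !== $current_parent_forum_id) {
        // Forum is closed and user cannot access
        if (bbp_is_forum_closed($forum_parent_id) && !current_user_can('edit_forum', $forum_parent_id)) {
            bbp_add_error('bbp_edit_forum_forum_closed', __('<strong>ERROR</strong>: This forum has been closed to new forums.', 'bbpress'));
        }
        // Forum is private and user cannot access
        if (bbp_is_forum_private($forum_parent_id) && !current_user_can('read_private_forums')) {
            bbp_add_error('bbp_edit_forum_forum_private', __('<strong>ERROR</strong>: This forum is private and you do not have the capability to read or create new forums in it.', 'bbpress'));
        }
        // Forum is hidden and user cannot access
        if (bbp_is_forum_hidden($forum_parent_id) && !current_user_can('read_hidden_forums')) {
            bbp_add_error('bbp_edit_forum_forum_hidden', __('<strong>ERROR</strong>: This forum is hidden and you do not have the capability to read or create new forums in it.', 'bbpress'));
        }
    }
    /** Forum Title ***********************************************************/
    if (!empty($_POST['bbp_forum_title'])) {
        $forum_title = esc_attr(strip_tags($_POST['bbp_forum_title']));
    }
    // Filter and sanitize
    $forum_title = apply_filters('bbp_edit_forum_pre_title', $forum_title, $forum_id);
    // No forum title
    if (empty($forum_title)) {
        bbp_add_error('bbp_edit_forum_title', __('<strong>ERROR</strong>: Your forum needs a title.', 'bbpress'));
    }
    /** Forum Content *********************************************************/
    // The content is taken from the request as-is; the only sanitizing it gets
    // is whatever is hooked to 'bbp_edit_forum_pre_content' just below
    if (!empty($_POST['bbp_forum_content'])) {
        $forum_content = $_POST['bbp_forum_content'];
    }
    // Filter and sanitize
    $forum_content = apply_filters('bbp_edit_forum_pre_content', $forum_content, $forum_id);
    // No forum content
    if (empty($forum_content)) {
        bbp_add_error('bbp_edit_forum_content', __('<strong>ERROR</strong>: Your forum description cannot be empty.', 'bbpress'));
    }
    /** Forum Blacklist *******************************************************/
    if (!bbp_check_for_blacklist($anonymous_data, bbp_get_forum_author_id($forum_id), $forum_title, $forum_content)) {
        bbp_add_error('bbp_forum_blacklist', __('<strong>ERROR</strong>: Your forum cannot be edited at this time.', 'bbpress'));
    }
    /** Forum Moderation ******************************************************/
    $post_status = bbp_get_public_status_id();
    if (!bbp_check_for_moderation($anonymous_data, bbp_get_forum_author_id($forum_id), $forum_title, $forum_content)) {
        $post_status = bbp_get_pending_status_id();
    }
    /** Additional Actions (Before Save) **************************************/
    do_action('bbp_edit_forum_pre_extras', $forum_id);
    // Bail if errors
    if (bbp_has_errors()) {
        return;
    }
    /** No Errors *************************************************************/
    // Add the content of the form to $forum_data as an array
    // Just in time manipulation of forum data before being edited
    $forum_data = apply_filters('bbp_edit_forum_pre_insert', array('ID' => $forum_id, 'post_title' => $forum_title, 'post_content' => $forum_content, 'post_status' => $post_status, 'post_parent' => $forum_parent_id));
    // Insert forum
    $forum_id = wp_update_post($forum_data);
    /** Revisions *************************************************************/
    /**
    * @todo omitted for 2.1
    	// Revision Reason
    	if ( !empty( $_POST['bbp_forum_edit_reason'] ) )
    		$forum_edit_reason = esc_attr( strip_tags( $_POST['bbp_forum_edit_reason'] ) );
    
    	// Update revision log
    	if ( !empty( $_POST['bbp_log_forum_edit'] ) && ( "1" === $_POST['bbp_log_forum_edit'] ) && ( $revision_id = wp_save_post_revision( $forum_id ) ) ) {
    		bbp_update_forum_revision_log( array(
    			'forum_id'    => $forum_id,
    			'revision_id' => $revision_id,
    			'author_id'   => bbp_get_current_user_id(),
    			'reason'      => $forum_edit_reason
    		) );
    	}
    */
    /** No Errors *************************************************************/
    if (!empty($forum_id) && !is_wp_error($forum_id)) {
        // Update counts, etc...
        do_action('bbp_edit_forum', array('forum_id' => $forum_id, 'post_parent' => $forum_parent_id, 'forum_author' => $forum->post_author, 'last_topic_id' => 0, 'last_reply_id' => 0, 'last_active_id' => 0, 'last_active_time' => 0, 'last_active_status' => bbp_get_public_status_id()));
        // If the new forum parent id is not equal to the old forum parent
        // id, run the bbp_move_forum action and pass the forum's parent id
        // as the first arg and new forum parent id as the second.
        // @todo implement
        //if ( $forum_id !== $forum->post_parent )
        //	bbp_move_forum_handler( $forum_parent_id, $forum->post_parent, $forum_id );
        /** Additional Actions (After Save) ***********************************/
        do_action('bbp_edit_forum_post_extras', $forum_id);
        /** Redirect **********************************************************/
        // Redirect to
        $redirect_to = bbp_get_redirect_to();
        // View all?
        $view_all = bbp_get_view_all();
        // Get the forum URL
        $forum_url = bbp_get_forum_permalink($forum_id, $redirect_to);
        // Add view all?
        if (!empty($view_all)) {
            $forum_url = bbp_add_view_all($forum_url);
        }
        // Allow to be filtered
        $forum_url = apply_filters('bbp_edit_forum_redirect_to', $forum_url, $view_all, $redirect_to);
        /** Successful Edit ***************************************************/
        // Redirect back to new forum; wp_safe_redirect() is used because the
        // URL is built from a request-supplied redirect target and a filter
        wp_safe_redirect($forum_url);
        // For good measure
        exit;
        /** Errors ****************************************************************/
    } else {
        $append_error = is_wp_error($forum_id) && $forum_id->get_error_message() ? $forum_id->get_error_message() . ' ' : '';
        // NOTE(review): the string handed to __() is assembled at run time, so
        // it cannot match a fixed catalog entry whenever $append_error is set,
        // and the WP_Error text goes into the notice unescaped while
        // bbp_template_notices() echoes notices as raw HTML. Left unchanged
        // here; escaping the appended text is worth confirming.
        bbp_add_error('bbp_forum_error', __('<strong>ERROR</strong>: The following problem(s) have been found with your forum:' . $append_error . 'Please try again.', 'bbpress'));
    }
}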
/**
 * Mark notifications as read when reading a topic
 *
 * @since 2.5.0 bbPress (r5155)
 *
 * @return If not trying to mark a notification as read
 */
function bbp_buddypress_mark_notifications($action = '')
{
    // Ignore requests that carry no topic ID or that target another action
    if (empty($_GET['topic_id']) || 'bbp_mark_read' !== $action) {
        return;
    }
    // Notifications are only ever cleared for the logged-in user; the topic ID
    // from the query string is reduced to an integer before any use
    $user_id = bp_loggedin_user_id();
    $topic_id = (int) $_GET['topic_id'];
    // The nonce action is bound to the topic ID; the capability check only
    // runs once the nonce has been accepted
    $nonce_accepted = bbp_verify_nonce_request('bbp_mark_topic_' . $topic_id);
    if (!$nonce_accepted) {
        bbp_add_error('bbp_notification_topic_id', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
    } elseif (!current_user_can('edit_user', $user_id)) {
        bbp_add_error('bbp_notification_permissions', __('<strong>ERROR</strong>: You do not have permission to mark notifications for that user.', 'bbpress'));
    }
    // Only touch notifications when nothing above (or earlier in the request)
    // recorded an error
    if (!bbp_has_errors()) {
        $component = bbp_get_component_name();
        // Attempt to clear this topic's 'bbp_new_reply' notifications
        $success = bp_notifications_mark_notifications_by_item_id($user_id, $topic_id, $component, 'bbp_new_reply');
        // Let other code react to the outcome
        do_action('bbp_notifications_handler', $success, $user_id, $topic_id, $action);
    }
    // The redirect happens whether or not the checks passed
    bbp_redirect(bbp_get_reply_url($topic_id));
}
/**
 * Handles the front end subscribing and unsubscribing topics
 *
 * @uses bbp_is_subscriptions_active() To check if the subscriptions are active
 * @uses bbp_get_user_id() To get the user id
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses current_user_can() To check if the current user can edit the user
 * @uses bbPress:errors:add() To log the error messages
 * @uses bbp_is_user_subscribed() To check if the topic is in user's
 *                                 subscriptions
 * @uses bbp_remove_user_subscription() To remove the user subscription
 * @uses bbp_add_user_subscription() To add the user subscription
 * @uses do_action() Calls 'bbp_subscriptions_handler' with success, user id,
 *                    topic id and action
 * @uses bbp_is_subscription() To check if it's the subscription page
 * @uses bbp_get_subscription_link() To get the subscription page link
 * @uses bbp_get_topic_permalink() To get the topic permalink
 * @uses wp_safe_redirect() To redirect to the url
 */
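function bbp_subscriptions_handler()
{
    // Returns false (not null) when the subscriptions feature is switched off
    if (!bbp_is_subscriptions_active()) {
        return false;
    }
    // Bail if not a GET action (a missing request method counts as "not GET")
    if (empty($_SERVER['REQUEST_METHOD']) || 'GET' !== strtoupper($_SERVER['REQUEST_METHOD'])) {
        return;
    }
    // Bail if required GET actions aren't passed
    if (empty($_GET['topic_id']) || empty($_GET['action'])) {
        return;
    }
    // Setup possible get actions
    $possible_actions = array('bbp_subscribe', 'bbp_unsubscribe');
    // Bail if actions aren't meant for this function; the strict comparison
    // accepts only the two literal strings
    if (!in_array($_GET['action'], $possible_actions, true)) {
        return;
    }
    // Get required data
    $action = $_GET['action'];
    $user_id = bbp_get_user_id(0, true, true);
    $topic_id = intval($_GET['topic_id']);
    // This handler changes state on a GET request, so the nonce bound to the
    // topic ID is what ties the request to a link the site itself issued.
    // Check for empty topic
    if (empty($topic_id)) {
        bbp_add_error('bbp_subscription_topic_id', __('<strong>ERROR</strong>: No topic was found! Which topic are you subscribing/unsubscribing to?', 'bbpress'));
        // Check nonce
    } elseif (!bbp_verify_nonce_request('toggle-subscription_' . $topic_id)) {
        bbp_add_error('bbp_subscription_topic_id', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        // Check current user's ability to edit the user
        // NOTE(review): the message below speaks of "favorites" although this
        // is the subscriptions handler; the text is left as it was
    } elseif (!current_user_can('edit_user', $user_id)) {
        bbp_add_error('bbp_subscription_permissions', __('<strong>ERROR</strong>: You don\'t have the permission to edit favorites of that user!', 'bbpress'));
    }
    // Bail if we have errors
    if (bbp_has_errors()) {
        return;
    }
    /** No errors *************************************************************/
    $is_subscription = bbp_is_user_subscribed($user_id, $topic_id);
    $wants_unsubscribe = $is_subscription && 'bbp_unsubscribe' === $action;
    $wants_subscribe = !$is_subscription && 'bbp_subscribe' === $action;
    $success = false;
    if ($wants_unsubscribe) {
        $success = bbp_remove_user_subscription($user_id, $topic_id);
    } elseif ($wants_subscribe) {
        $success = bbp_add_user_subscription($user_id, $topic_id);
    }
    // Do additional subscriptions actions
    do_action('bbp_subscriptions_handler', $success, $user_id, $topic_id, $action);
    // Success!
    if ($success) {
        // Redirect back from whence we came
        if (bbp_is_subscriptions()) {
            $redirect = bbp_get_subscriptions_permalink($user_id);
        } elseif (bbp_is_single_user()) {
            $redirect = bbp_get_user_profile_url();
        } elseif (is_singular(bbp_get_topic_post_type())) {
            $redirect = bbp_get_topic_permalink($topic_id);
        } elseif (is_single() || is_page()) {
            $redirect = get_permalink();
            // No page context matched: fall back to the topic itself so the
            // redirect target is never an undefined variable
        } else {
            $redirect = bbp_get_topic_permalink($topic_id);
        }
        wp_safe_redirect($redirect);
        // For good measure
        exit;
        // Fail! Handle errors
    } elseif ($wants_unsubscribe) {
        bbp_add_error('bbp_unsubscribe', __('<strong>ERROR</strong>: There was a problem unsubscribing from that topic!', 'bbpress'));
    } elseif ($wants_subscribe) {
        bbp_add_error('bbp_subscribe', __('<strong>ERROR</strong>: There was a problem subscribing to that topic!', 'bbpress'));
    }
}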
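/**
 * Move reply handler
 *
 * Handles the front end move reply submission: the reply is either attached
 * to an existing topic ('existing') or converted into a new topic ('topic').
 *
 * Every validation, nonce and capability failure returns right after the
 * error is recorded, so no post is modified unless all checks for the chosen
 * move option have passed.
 *
 * @since bbPress (r4521)
 *
 * @param string $action The requested action to compare this function to
 * @return void Redirects to the destination topic and exits on success
 * @uses bbp_add_error() To add an error message
 * @uses bbp_get_reply() To get the reply
 * @uses bbp_get_topic() To get the topics
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses current_user_can() To check if the current user can edit the source
 *                           and destination topics, or publish new topics
 * @uses bbp_get_topic_post_type() To get the topic post type
 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
 * @uses do_action() Calls 'bbp_pre_move_reply' with the reply id, source
 *                    and destination topic ids
 * @uses bbp_get_reply_post_type() To get the reply post type
 * @uses get_posts() To find the replies that were answering the moved reply
 * @uses wp_update_post() To update the reply and the destination topic
 * @uses bbp_update_reply_topic_id() To update the reply topic id
 * @uses bbp_get_topic_forum_id() To get the topic forum id
 * @uses bbp_update_reply_forum_id() To update the reply forum id
 * @uses bbp_update_topic_last_reply_id() To update the topic last reply id
 * @uses bbp_update_topic_last_active_time() To update the topic last active meta
 * @uses do_action() Calls 'bbp_post_move_reply' with the reply id, source
 *                    and destination topic ids
 * @uses bbp_get_topic_permalink() To get the topic permalink
 * @uses wp_safe_redirect() To redirect to the topic link
 */
function bbp_move_reply_handler($action = '')
{
    // Bail if action is not 'bbp-move-reply'
    if ('bbp-move-reply' !== $action) {
        return;
    }
    // Prevent debug notices
    $move_reply_id = $destination_topic_id = 0;
    $destination_topic_title = $move_option = '';
    $destination_topic = $move_reply = $source_topic = '';
    /** Move Reply ***********************************************************/
    if (empty($_POST['bbp_reply_id'])) {
        bbp_add_error('bbp_move_reply_reply_id', __('<strong>ERROR</strong>: Reply ID to move not found!', 'bbpress'));
        return;
    }
    $move_reply_id = (int) $_POST['bbp_reply_id'];
    $move_reply = bbp_get_reply($move_reply_id);
    // Reply must exist; everything below dereferences it
    if (empty($move_reply)) {
        bbp_add_error('bbp_mover_reply_r_not_found', __('<strong>ERROR</strong>: The reply you want to move was not found.', 'bbpress'));
        return;
    }
    /** Topic to Move From ***************************************************/
    // Get the reply's current topic
    $source_topic = bbp_get_topic($move_reply->post_parent);
    // No topic
    if (empty($source_topic)) {
        bbp_add_error('bbp_move_reply_source_not_found', __('<strong>ERROR</strong>: The topic you want to move from was not found.', 'bbpress'));
        return;
    }
    // Nonce check failed
    if (!bbp_verify_nonce_request('bbp-move-reply_' . $move_reply->ID)) {
        bbp_add_error('bbp_move_reply_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }
    // User cannot edit the source topic: stop before anything is written
    if (!current_user_can('edit_topic', $source_topic->ID)) {
        bbp_add_error('bbp_move_reply_source_permission', __('<strong>ERROR</strong>: You do not have the permissions to edit the source topic.', 'bbpress'));
        return;
    }
    // How to move (only a string can name a move option)
    if (!empty($_POST['bbp_reply_move_option']) && is_string($_POST['bbp_reply_move_option'])) {
        $move_option = trim($_POST['bbp_reply_move_option']);
    }
    // Invalid move option (strict comparison against the allowed values)
    if (!in_array($move_option, array('existing', 'topic'), true)) {
        bbp_add_error('bbp_move_reply_option', __('<strong>ERROR</strong>: You need to choose a valid move option.', 'bbpress'));
        return;
    }
    // What kind of move
    switch ($move_option) {
        // Into an existing topic
        case 'existing':
            // Get destination topic id
            if (empty($_POST['bbp_destination_topic'])) {
                bbp_add_error('bbp_move_reply_destination_id', __('<strong>ERROR</strong>: Destination topic ID not found!', 'bbpress'));
                return;
            }
            $destination_topic_id = (int) $_POST['bbp_destination_topic'];
            // Get the destination topic
            $destination_topic = bbp_get_topic($destination_topic_id);
            // No destination topic
            if (empty($destination_topic)) {
                bbp_add_error('bbp_move_reply_destination_not_found', __('<strong>ERROR</strong>: The topic you want to move to was not found!', 'bbpress'));
                return;
            }
            // User cannot edit the destination topic: the update below must not run
            if (!current_user_can('edit_topic', $destination_topic->ID)) {
                bbp_add_error('bbp_move_reply_destination_permission', __('<strong>ERROR</strong>: You do not have the permissions to edit the destination topic!', 'bbpress'));
                return;
            }
            // Bump the reply position
            $reply_position = bbp_get_topic_reply_count($destination_topic->ID) + 1;
            // Update the reply
            wp_update_post(array('ID' => $move_reply->ID, 'post_title' => sprintf(__('Reply To: %s', 'bbpress'), $destination_topic->post_title), 'post_name' => false, 'post_parent' => $destination_topic->ID, 'menu_order' => $reply_position, 'guid' => ''));
            // Adjust reply meta values
            bbp_update_reply_topic_id($move_reply->ID, $destination_topic->ID);
            bbp_update_reply_forum_id($move_reply->ID, bbp_get_topic_forum_id($destination_topic->ID));
            break;
        // Move reply to a new topic
        case 'topic':
        default:
            // User needs to be able to publish topics
            if (!current_user_can('publish_topics')) {
                bbp_add_error('bbp_move_reply_destination_permission', __('<strong>ERROR</strong>: You do not have the permissions to create new topics. The reply could not be converted into a topic.', 'bbpress'));
                return;
            }
            // Use the new title that was passed, else the source topic title
            if (!empty($_POST['bbp_reply_move_destination_title'])) {
                $destination_topic_title = esc_attr(strip_tags($_POST['bbp_reply_move_destination_title']));
            } else {
                $destination_topic_title = $source_topic->post_title;
            }
            // Convert the reply into a topic
            $destination_topic_id = wp_update_post(array('ID' => $move_reply->ID, 'post_title' => $destination_topic_title, 'post_name' => false, 'post_type' => bbp_get_topic_post_type(), 'post_parent' => $source_topic->post_parent, 'guid' => ''));
            $destination_topic = bbp_get_topic($destination_topic_id);
            // Shouldn't happen; checked before any topic meta is written
            if (false === $destination_topic_id || is_wp_error($destination_topic_id) || empty($destination_topic)) {
                bbp_add_error('bbp_move_reply_destination_reply', __('<strong>ERROR</strong>: There was a problem converting the reply into the topic. Please try again.', 'bbpress'));
                return;
            }
            // Make sure the new topic knows its a topic
            bbp_update_topic_topic_id($move_reply->ID);
            break;
    }
    // Bail if anything else recorded an error in the meantime
    if (bbp_has_errors()) {
        return;
    }
    /** No Errors - Clean Up **************************************************/
    // Update counts, etc...
    do_action('bbp_pre_move_reply', $move_reply->ID, $source_topic->ID, $destination_topic->ID);
    /** Date Check ************************************************************/
    // Check if the destination topic is older than the move reply
    if (strtotime($move_reply->post_date) < strtotime($destination_topic->post_date)) {
        // Set destination topic post_date to 1 second before from reply
        $destination_post_date = date('Y-m-d H:i:s', strtotime($move_reply->post_date) - 1);
        // Update destination topic
        wp_update_post(array('ID' => $destination_topic_id, 'post_date' => $destination_post_date, 'post_date_gmt' => get_gmt_from_date($destination_post_date)));
    }
    // Set the last reply ID and freshness to the move_reply
    $last_reply_id = $move_reply->ID;
    $freshness = $move_reply->post_date;
    // Get the reply to
    $parent = bbp_get_reply_to($move_reply->ID);
    // Fix orphaned children: replies to the moved reply now answer its parent
    $children = get_posts(array('post_type' => bbp_get_reply_post_type(), 'meta_key' => '_bbp_reply_to', 'meta_value' => $move_reply->ID));
    foreach ($children as $child) {
        bbp_update_reply_to($child->ID, $parent);
    }
    // Remove reply_to from moved reply
    delete_post_meta($move_reply->ID, '_bbp_reply_to');
    // It is a new topic and we need to set some default metas to make
    // the topic display in bbp_has_topics() list
    if ('topic' === $move_option) {
        bbp_update_topic_last_reply_id($destination_topic->ID, $last_reply_id);
        bbp_update_topic_last_active_id($destination_topic->ID, $last_reply_id);
        bbp_update_topic_last_active_time($destination_topic->ID, $freshness);
        // Otherwise update the existing destination topic
    } else {
        bbp_update_topic_last_reply_id($destination_topic->ID);
        bbp_update_topic_last_active_id($destination_topic->ID);
        bbp_update_topic_last_active_time($destination_topic->ID);
    }
    // Update source topic ID last active
    bbp_update_topic_last_reply_id($source_topic->ID);
    bbp_update_topic_last_active_id($source_topic->ID);
    bbp_update_topic_last_active_time($source_topic->ID);
    /** Successful Move ******************************************************/
    // Update counts, etc...
    do_action('bbp_post_move_reply', $move_reply->ID, $source_topic->ID, $destination_topic->ID);
    // Redirect back to the topic
    wp_safe_redirect(bbp_get_topic_permalink($destination_topic->ID));
    // For good measure
    exit;
}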
/**
 * Filter anonymous post data
 *
 * REMOTE_ADDR is used here directly. If you are behind a proxy, make sure it
 * is set properly for your environment, for example in wp-config.php.
 * See {@link https://core.trac.wordpress.org/ticket/9235}
 *
 * bbp_pre_anonymous_filters() is responsible for sanitizing each of the
 * filtered core anonymous values; this function only passes the values
 * through the three 'bbp_pre_anonymous_post_author_*' filters.
 *
 * Any errors are added directly to {@link bbPress:errors}
 *
 * @since 2.0.0 bbPress (r2734)
 *
 * @param array $args Optional. If no args are there, then $_POST values are
 *                     used.
 * @uses apply_filters() Calls 'bbp_pre_anonymous_post_author_name' with the
 *                        anonymous user name
 * @uses apply_filters() Calls 'bbp_pre_anonymous_post_author_email' with the
 *                        anonymous user email
 * @uses apply_filters() Calls 'bbp_pre_anonymous_post_author_website' with the
 *                        anonymous user website
 * @return bool|array False on errors, values in an array on success
 */
function bbp_filter_anonymous_post_data($args = array())
{
    // Defaults come from the submitted form; a missing or empty field is false
    $defaults = array();
    foreach (array('bbp_anonymous_name', 'bbp_anonymous_email', 'bbp_anonymous_website') as $field) {
        $defaults[$field] = !empty($_POST[$field]) ? $_POST[$field] : false;
    }
    $r = bbp_parse_args($args, $defaults, 'filter_anonymous_post_data');

    // Author name is required
    $r['bbp_anonymous_name'] = apply_filters('bbp_pre_anonymous_post_author_name', $r['bbp_anonymous_name']);
    if (empty($r['bbp_anonymous_name'])) {
        bbp_add_error('bbp_anonymous_name', __('<strong>ERROR</strong>: Invalid author name.', 'bbpress'));
    }

    // Author email is required
    $r['bbp_anonymous_email'] = apply_filters('bbp_pre_anonymous_post_author_email', $r['bbp_anonymous_email']);
    if (empty($r['bbp_anonymous_email'])) {
        bbp_add_error('bbp_anonymous_email', __('<strong>ERROR</strong>: Invalid email address.', 'bbpress'));
    }

    // Website is optional, so it is filtered but never rejected
    $r['bbp_anonymous_website'] = apply_filters('bbp_pre_anonymous_post_author_website', $r['bbp_anonymous_website']);

    // Any recorded error turns the result into false
    if (bbp_has_errors()) {
        $retval = false;
    } else {
        $retval = $r;
    }

    // Finally, return the filtered data or false
    return apply_filters('bbp_filter_anonymous_post_data', $retval, $r);
}
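/**
 * Handles the front end edit reply submission
 *
 * Only acts on POST requests whose 'action' field is 'bbp-edit-reply'. The
 * request nonce is verified before the reply is loaded for editing, and the
 * reply is only written once no errors have been recorded.
 *
 * @return void Redirects to the reply and exits on success
 * @uses bbp_add_error() To add an error message
 * @uses bbp_get_reply() To get the reply
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses bbp_is_reply_anonymous() To check if the reply was by an anonymous user
 * @uses current_user_can() To check if the current user can edit that reply
 * @uses bbp_filter_anonymous_post_data() To filter anonymous data
 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
 * @uses remove_filter() To remove 'wp_filter_kses' filters if needed
 * @uses hash_equals() To compare the unfiltered-html nonce in constant time
 * @uses esc_attr() For sanitization
 * @uses apply_filters() Calls 'bbp_edit_reply_pre_title' with the title and
 *                       reply id
 * @uses apply_filters() Calls 'bbp_edit_reply_pre_content' with the content
 *                        reply id
 * @uses wp_set_post_terms() To set the topic tags
 * @uses bbp_has_errors() To get the {@link WP_Error} errors
 * @uses wp_is_post_revision() Called with the updated reply id before the
 *                              revision log is written
 * @uses bbp_update_reply_revision_log() To update the reply revision log
 * @uses wp_update_post() To update the reply
 * @uses bbp_get_reply_topic_id() To get the reply topic id
 * @uses bbp_get_topic_forum_id() To get the topic forum id
 * @uses do_action() Calls 'bbp_edit_reply' with the reply id, topic id, forum
 *                    id, anonymous data, reply author and bool true (for edit)
 * @uses bbp_get_reply_url() To get the paginated url to the reply
 * @uses wp_safe_redirect() To redirect to the reply url
 * @uses bbPress::errors::get_error_message() To get the {@link WP_Error} error
 *                                             message
 */
function bbp_edit_reply_handler()
{
    // Bail if not a POST action (the method may be unset outside a web request)
    if (empty($_SERVER['REQUEST_METHOD']) || 'POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) {
        return;
    }
    // Bail if action is not bbp-edit-reply
    if (empty($_POST['action']) || 'bbp-edit-reply' !== $_POST['action']) {
        return;
    }
    // Define local variable(s)
    $revisions_removed = false;
    $reply = $reply_id = $reply_author = $topic_id = $forum_id = $anonymous_data = 0;
    $reply_title = $reply_content = $reply_edit_reason = $terms = '';
    /** Reply *****************************************************************/
    // Reply id was not passed
    if (empty($_POST['bbp_reply_id'])) {
        bbp_add_error('bbp_edit_reply_id', __('<strong>ERROR</strong>: Reply ID not found.', 'bbpress'));
        return;
        // Reply id was passed
    } elseif (is_numeric($_POST['bbp_reply_id'])) {
        $reply_id = (int) $_POST['bbp_reply_id'];
        $reply = bbp_get_reply($reply_id);
    }
    // Nonce check
    if (!bbp_verify_nonce_request('bbp-edit-reply_' . $reply_id)) {
        bbp_add_error('bbp_edit_reply_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }
    // Reply does not exist
    if (empty($reply)) {
        bbp_add_error('bbp_edit_reply_not_found', __('<strong>ERROR</strong>: The reply you want to edit was not found.', 'bbpress'));
        return;
    }
    // Check users ability to edit the reply
    if (!bbp_is_reply_anonymous($reply_id)) {
        // User cannot edit this reply
        if (!current_user_can('edit_reply', $reply_id)) {
            bbp_add_error('bbp_edit_reply_permissions', __('<strong>ERROR</strong>: You do not have permission to edit that reply.', 'bbpress'));
            return;
        }
        // Set reply author
        $reply_author = bbp_get_reply_author_id($reply_id);
        // It is an anonymous post
    } else {
        // NOTE(review): anonymous replies skip the edit_reply capability check;
        // in this function the nonce above is the only gate on that path.
        // Confirm the edit form and its nonce are only issued to users who
        // are allowed to edit the reply.
        $anonymous_data = bbp_filter_anonymous_post_data();
    }
    // Remove wp_filter_kses filters from title and content for capable users
    // and if the nonce is verified. The submitted value must be a string and
    // is compared in constant time.
    $unfiltered_nonce = isset($_POST['_bbp_unfiltered_html_reply']) && is_string($_POST['_bbp_unfiltered_html_reply']) ? $_POST['_bbp_unfiltered_html_reply'] : '';
    if (current_user_can('unfiltered_html') && '' !== $unfiltered_nonce && hash_equals((string) wp_create_nonce('bbp-unfiltered-html-reply_' . $reply_id), $unfiltered_nonce)) {
        remove_filter('bbp_edit_reply_pre_title', 'wp_filter_kses');
        remove_filter('bbp_edit_reply_pre_content', 'wp_filter_kses');
    }
    /** Reply Topic ***********************************************************/
    $topic_id = bbp_get_reply_topic_id($reply_id);
    /** Topic Forum ***********************************************************/
    $forum_id = bbp_get_topic_forum_id($topic_id);
    // Forum exists
    if (!empty($forum_id) && $forum_id !== bbp_get_reply_forum_id($reply_id)) {
        // Forum is a category
        if (bbp_is_forum_category($forum_id)) {
            bbp_add_error('bbp_edit_reply_forum_category', __('<strong>ERROR</strong>: This forum is a category. No topics or replies can be created in it.', 'bbpress'));
        }
        // Forum is closed and user cannot access
        if (bbp_is_forum_closed($forum_id) && !current_user_can('edit_forum', $forum_id)) {
            bbp_add_error('bbp_edit_reply_forum_closed', __('<strong>ERROR</strong>: This forum has been closed to new topics and replies.', 'bbpress'));
        }
        // Forum is private and user cannot access
        if (bbp_is_forum_private($forum_id) && !current_user_can('read_private_forums')) {
            bbp_add_error('bbp_edit_reply_forum_private', __('<strong>ERROR</strong>: This forum is private and you do not have the capability to read or create new replies in it.', 'bbpress'));
        }
        // Forum is hidden and user cannot access
        if (bbp_is_forum_hidden($forum_id) && !current_user_can('read_hidden_forums')) {
            bbp_add_error('bbp_edit_reply_forum_hidden', __('<strong>ERROR</strong>: This forum is hidden and you do not have the capability to read or create new replies in it.', 'bbpress'));
        }
    }
    /** Reply Title ***********************************************************/
    if (!empty($_POST['bbp_reply_title'])) {
        $reply_title = esc_attr(strip_tags($_POST['bbp_reply_title']));
    }
    // Filter and sanitize
    $reply_title = apply_filters('bbp_edit_reply_pre_title', $reply_title, $reply_id);
    /** Reply Content *********************************************************/
    if (!empty($_POST['bbp_reply_content'])) {
        $reply_content = $_POST['bbp_reply_content'];
    }
    // Filter and sanitize (wp_filter_kses stays attached unless removed above)
    $reply_content = apply_filters('bbp_edit_reply_pre_content', $reply_content, $reply_id);
    // No reply content
    if (empty($reply_content)) {
        bbp_add_error('bbp_edit_reply_content', __('<strong>ERROR</strong>: Your reply cannot be empty.', 'bbpress'));
    }
    /** Reply Blacklist *******************************************************/
    if (!bbp_check_for_blacklist($anonymous_data, $reply_author, $reply_title, $reply_content)) {
        bbp_add_error('bbp_reply_blacklist', __('<strong>ERROR</strong>: Your reply cannot be edited at this time.', 'bbpress'));
    }
    /** Reply Status **********************************************************/
    // Keep the existing post_status by default, so the status is always
    // defined, including when moderation trips on a reply that is not public
    $reply_status = $reply->post_status;
    // Maybe put into moderation
    if (!bbp_check_for_moderation($anonymous_data, $reply_author, $reply_title, $reply_content)) {
        // Set post status to pending if public
        if (bbp_get_public_status_id() == $reply->post_status) {
            $reply_status = bbp_get_pending_status_id();
        }
    }
    /** Topic Tags ************************************************************/
    // Either replace terms
    if (bbp_allow_topic_tags() && current_user_can('assign_topic_tags') && !empty($_POST['bbp_topic_tags'])) {
        $terms = esc_attr(strip_tags($_POST['bbp_topic_tags']));
        // ...or remove them.
    } elseif (isset($_POST['bbp_topic_tags'])) {
        $terms = '';
        // Existing terms
    } else {
        $terms = bbp_get_topic_tag_names($topic_id);
    }
    /** Additional Actions (Before Save) **************************************/
    do_action('bbp_edit_reply_pre_extras', $reply_id);
    // Bail if errors
    if (bbp_has_errors()) {
        return;
    }
    /** No Errors *************************************************************/
    // Add the content of the form to $reply_data as an array
    // Just in time manipulation of reply data before being edited
    $reply_data = apply_filters('bbp_edit_reply_pre_insert', array('ID' => $reply_id, 'post_title' => $reply_title, 'post_content' => $reply_content, 'post_status' => $reply_status, 'post_parent' => $topic_id, 'post_author' => $reply_author, 'post_type' => bbp_get_reply_post_type()));
    // Toggle revisions to avoid duplicates
    if (post_type_supports(bbp_get_reply_post_type(), 'revisions')) {
        $revisions_removed = true;
        remove_post_type_support(bbp_get_reply_post_type(), 'revisions');
    }
    // Update the reply
    $reply_id = wp_update_post($reply_data);
    // Toggle revisions back on
    if (true === $revisions_removed) {
        $revisions_removed = false;
        add_post_type_support(bbp_get_reply_post_type(), 'revisions');
    }
    /** Topic Tags ************************************************************/
    // Just in time manipulation of reply terms before being edited
    $terms = apply_filters('bbp_edit_reply_pre_set_terms', $terms, $topic_id, $reply_id);
    // Insert terms
    $terms = wp_set_post_terms($topic_id, $terms, bbp_get_topic_tag_tax_id(), false);
    // Term error
    if (is_wp_error($terms)) {
        bbp_add_error('bbp_reply_tags', __('<strong>ERROR</strong>: There was a problem adding the tags to the topic.', 'bbpress'));
    }
    /** Revisions *************************************************************/
    // Revision Reason
    if (!empty($_POST['bbp_reply_edit_reason'])) {
        $reply_edit_reason = esc_attr(strip_tags($_POST['bbp_reply_edit_reason']));
    }
    // Update revision log
    if (!empty($_POST['bbp_log_reply_edit']) && 1 == $_POST['bbp_log_reply_edit']) {
        // NOTE(review): wp_is_post_revision() is given the reply id itself,
        // which does not look like a revision id; if a new revision is meant
        // to be saved and logged here, wp_save_post_revision() may have been
        // intended. Confirm.
        $revision_id = wp_is_post_revision($reply_id);
        if (!empty($revision_id)) {
            bbp_update_reply_revision_log(array('reply_id' => $reply_id, 'revision_id' => $revision_id, 'author_id' => bbp_get_current_user_id(), 'reason' => $reply_edit_reason));
        }
    }
    /** No Errors *************************************************************/
    if (!empty($reply_id) && !is_wp_error($reply_id)) {
        // Update counts, etc...
        do_action('bbp_edit_reply', $reply_id, $topic_id, $forum_id, $anonymous_data, $reply_author, true);
        /** Additional Actions (After Save) ***********************************/
        do_action('bbp_edit_reply_post_extras', $reply_id);
        /** Redirect **********************************************************/
        // Requested target; the final URL still goes through wp_safe_redirect()
        $redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '';
        // Get the reply URL
        $reply_url = bbp_get_reply_url($reply_id, $redirect_to);
        // Allow to be filtered
        $reply_url = apply_filters('bbp_edit_reply_redirect_to', $reply_url, $redirect_to);
        /** Successful Edit ***************************************************/
        // Redirect back to new reply
        wp_safe_redirect($reply_url);
        // For good measure
        exit;
        /** Errors ****************************************************************/
    } else {
        $append_error = is_wp_error($reply_id) && $reply_id->get_error_message() ? $reply_id->get_error_message() . ' ' : '';
        // NOTE(review): the string handed to __() is built at runtime, so it
        // cannot match a translation entry whenever $append_error is set.
        bbp_add_error('bbp_reply_error', __('<strong>ERROR</strong>: The following problem(s) have been found with your reply:' . $append_error . 'Please try again.', 'bbpress'));
    }
}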
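/**
 * Filter anonymous post data
 *
 * We use REMOTE_ADDR here directly. If you are behind a proxy, you should
 * ensure that it is properly set, such as in wp-config.php, for your
 * environment. See {@link http://core.trac.wordpress.org/ticket/9235}
 *
 * Note that bbp_pre_anonymous_filters() is responsible for sanitizing each
 * of the filtered core anonymous values here.
 *
 * Only the three expected keys are read from the parsed arguments. The values
 * are not imported with extract(), so an unexpected key in $args cannot
 * overwrite a local variable of this function.
 *
 * If there are any errors, those are directly added to {@link bbPress:errors}
 *
 * @since bbPress (r2734)
 *
 * @param mixed $args Optional. If no args are there, then $_POST values are
 *                     used.
 * @uses apply_filters() Calls 'bbp_pre_anonymous_post_author_name' with the
 *                        anonymous user name
 * @uses apply_filters() Calls 'bbp_pre_anonymous_post_author_email' with the
 *                        anonymous user email
 * @uses apply_filters() Calls 'bbp_pre_anonymous_post_author_website' with the
 *                        anonymous user website
 * @return bool|array False on errors, values in an array on success
 */
function bbp_filter_anonymous_post_data($args = '')
{
    // Defaults come from the submitted form; a missing or empty field is false
    $defaults = array('bbp_anonymous_name' => !empty($_POST['bbp_anonymous_name']) ? $_POST['bbp_anonymous_name'] : false, 'bbp_anonymous_email' => !empty($_POST['bbp_anonymous_email']) ? $_POST['bbp_anonymous_email'] : false, 'bbp_anonymous_website' => !empty($_POST['bbp_anonymous_website']) ? $_POST['bbp_anonymous_website'] : false);
    $r = bbp_parse_args($args, $defaults, 'filter_anonymous_post_data');
    // Pick the expected keys explicitly; any other key in $r is ignored
    $bbp_anonymous_name = isset($r['bbp_anonymous_name']) ? $r['bbp_anonymous_name'] : null;
    $bbp_anonymous_email = isset($r['bbp_anonymous_email']) ? $r['bbp_anonymous_email'] : null;
    $bbp_anonymous_website = isset($r['bbp_anonymous_website']) ? $r['bbp_anonymous_website'] : null;
    // Filter variables and add errors if necessary
    $bbp_anonymous_name = apply_filters('bbp_pre_anonymous_post_author_name', $bbp_anonymous_name);
    if (empty($bbp_anonymous_name)) {
        bbp_add_error('bbp_anonymous_name', __('<strong>ERROR</strong>: Invalid author name submitted!', 'bbpress'));
    }
    $bbp_anonymous_email = apply_filters('bbp_pre_anonymous_post_author_email', $bbp_anonymous_email);
    if (empty($bbp_anonymous_email)) {
        bbp_add_error('bbp_anonymous_email', __('<strong>ERROR</strong>: Invalid email address submitted!', 'bbpress'));
    }
    // Website is optional
    $bbp_anonymous_website = apply_filters('bbp_pre_anonymous_post_author_website', $bbp_anonymous_website);
    if (!bbp_has_errors()) {
        $retval = array('bbp_anonymous_name' => $bbp_anonymous_name, 'bbp_anonymous_email' => $bbp_anonymous_email, 'bbp_anonymous_website' => $bbp_anonymous_website);
    } else {
        $retval = false;
    }
    // Finally, return the filtered data or false, with the caller's arguments
    return apply_filters('bbp_filter_anonymous_post_data', $retval, $args);
}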
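/**
 * Handles the front end user editing from POST requests
 *
 * The request nonce and the 'edit_user' capability are both checked before
 * any submitted value is used. A changed email address is not written to the
 * user directly: the new address is stored in an option together with a
 * random hash and handed to bbp_edit_user_email_send_notification().
 *
 * @since 2.0.0 bbPress (r2790)
 *
 * @param string $action The requested action to compare this function to
 * @return void
 * @uses bbp_get_displayed_user_id() To get the id of the user being edited
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses current_user_can() To check if the current user can edit the user
 * @uses bbp_get_displayed_user_field() To get the user's current email address
 * @uses is_email() To check if the string is an email id or not
 * @uses email_exists() To check if the email address is already in use
 * @uses update_option() To store the pending email address and its hash
 * @uses bbp_edit_user_email_send_notification() To notify the user of the
 *                                                email address change
 * @uses bbp_is_user_home_edit() To check if the user edits their own profile
 * @uses do_action() Calls 'personal_options_update' or
 *                   'edit_user_profile_update' (based on if it's the user
 *                   home) with the displayed user id
 * @uses edit_user() To edit the user based on the post data
 * @uses is_multisite() To check if it's a multisite
 * @uses revoke_super_admin() To revoke super admin privileges
 * @uses grant_super_admin() To grant super admin privileges
 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
 * @uses bbp_get_user_profile_edit_url() To get the edit profile url
 * @uses bbp_redirect() To redirect to the url
 */
function bbp_edit_user_handler($action = '')
{
    // Bail if action is not `bbp-update-user`
    if ('bbp-update-user' !== $action) {
        return;
    }
    // Get the displayed user ID
    $user_id = bbp_get_displayed_user_id();
    // Nonce check
    if (!bbp_verify_nonce_request('update-user_' . $user_id)) {
        bbp_add_error('bbp_update_user_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }
    // Cap check
    if (!current_user_can('edit_user', $user_id)) {
        bbp_add_error('bbp_update_user_capability', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }
    // Empty email check; an array-valued field is not a usable address either
    if (empty($_POST['email']) || !is_string($_POST['email'])) {
        bbp_add_error('bbp_user_email_empty', __('<strong>ERROR</strong>: That is not a valid email address.', 'bbpress'), array('form-field' => 'email'));
        return;
    }
    // Get the users current email address to use for comparisons
    $user_email = bbp_get_displayed_user_field('user_email', 'raw');
    // Only when the email address changed
    if ($user_email !== $_POST['email']) {
        // Check that new email address is valid
        if (!is_email($_POST['email'])) {
            bbp_add_error('bbp_user_email_invalid', __('<strong>ERROR</strong>: That is not a valid email address.', 'bbpress'), array('form-field' => 'email'));
            return;
        }
        // Check if email address is already in use
        if (email_exists($_POST['email'])) {
            bbp_add_error('bbp_user_email_taken', __('<strong>ERROR</strong>: That email address is already in use.', 'bbpress'), array('form-field' => 'email'));
            return;
        }
        // Update the option
        $key = $user_id . '_new_email';
        // The hash is stored with the pending address and passed to the
        // notification helper; presumably it is the token that confirms the
        // change (confirm against the consumer). It is drawn from the system
        // CSPRNG where available, in the same 32 hex character format as
        // before, instead of from the address, the clock and mt_rand().
        $hash = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : md5($_POST['email'] . time() . mt_rand());
        $option = array('hash' => $hash, 'newemail' => $_POST['email']);
        update_option($key, $option);
        // Attempt to notify the user of email address change
        bbp_edit_user_email_send_notification($user_id, $option);
        // Set the POST email variable back to the user's email address
        // so `edit_user()` does not attempt to update it. This is not ideal,
        // but it's also what send_confirmation_on_profile_email() does.
        $_POST['email'] = $user_email;
    }
    // Do action based on who's profile you're editing
    $edit_action = bbp_is_user_home_edit() ? 'personal_options_update' : 'edit_user_profile_update';
    do_action($edit_action, $user_id);
    // Prevent edit_user() from wiping out the user's Toolbar on front setting
    if (!isset($_POST['admin_bar_front']) && _get_admin_bar_pref('front', $user_id)) {
        $_POST['admin_bar_front'] = 1;
    }
    // Bail if errors already exist
    if (bbp_has_errors()) {
        return;
    }
    // Handle user edit
    $edit_user = edit_user($user_id);
    // Error(s) editing the user, so copy them into the global
    if (is_wp_error($edit_user)) {
        bbpress()->errors = $edit_user;
        // Successful edit to redirect
    } elseif (is_integer($edit_user)) {
        // Maybe update super admin ability: multisite only, never on the
        // user's own profile, and only for a super admin who can manage
        // network options
        if (is_multisite() && !bbp_is_user_home_edit() && current_user_can('manage_network_options') && is_super_admin()) {
            empty($_POST['super_admin']) ? revoke_super_admin($edit_user) : grant_super_admin($edit_user);
        }
        // Redirect
        $args = array('updated' => 'true');
        $user_url = bbp_get_user_profile_edit_url($edit_user);
        $redirect = add_query_arg($args, $user_url);
        bbp_redirect($redirect);
    }
}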