Beispiel #1
/**
 * Gate access to single-group pages.
 *
 * Only acts on single-group requests. Starting from the current group's own
 * user_has_access flag, it applies the exceptions below, lets plugins adjust
 * the verdict through the 'bp_group_user_has_access' filter, and then either
 * lets the request continue, answers with a 404 (hidden groups) or hands the
 * request to bp_core_no_access().
 *
 * @since BuddyPress (2.1.0)
 */
function bp_groups_group_access_protection()
{
    if (!bp_is_group()) {
        return;
    }

    $group = groups_get_current_group();
    $can_view = $group->user_has_access;
    $denial_args = array();

    if (!$can_view && 'hidden' !== $group->status) {
        if (bp_is_current_action('home') || bp_is_current_action('request-membership')) {
            // The home and request-membership tabs of a non-hidden group are
            // always reachable, even without group access.
            $can_view = true;
        } elseif (is_user_logged_in()) {
            // Logged-in user without access: prepare the notice and the
            // redirect target. For logged-out visitors the arguments stay
            // empty, so bp_core_no_access() receives an empty array.
            $denial_args = array('message' => __('You do not have access to this group.', 'buddypress'), 'root' => bp_get_group_permalink($group) . 'home/', 'redirect' => false);
        }
    }

    // The admin tab is closed to everyone who is not an admin of this item,
    // overriding whatever was decided above.
    if (bp_is_current_action('admin') && !bp_is_item_admin()) {
        $can_view = false;
        $denial_args = array('message' => __('You are not an admin of this group.', 'buddypress'), 'root' => bp_get_group_permalink($group), 'redirect' => false);
    }

    /**
     * Allow plugins to filter whether the current user has access to this group content.
     *
     * The filter runs after the admin-tab check above, so its return value
     * is the final verdict for every tab, including the admin tab.
     *
     * A callback that sets $user_has_access to false may also want to change
     * $no_access_args, to avoid problems such as logged-in users being
     * redirected to wp-login.php.
     *
     * @since BuddyPress (2.1.0)
     *
     * @param bool  $user_has_access True if the user has access to the
     *                               content, otherwise false.
     * @param array $no_access_args  Arguments to be passed to
     *                               bp_core_no_access() in case of no access.
     *                               Passed by reference, so the filter
     *                               callback can modify it.
     */
    $can_view = apply_filters_ref_array('bp_group_user_has_access', array($can_view, &$denial_args));

    // Access granted: nothing to do, the request carries on.
    if ($can_view) {
        return;
    }

    if ('hidden' != $group->status) {
        bp_core_no_access($denial_args);
        return;
    }

    // Hidden groups answer with a 404 instead of an access notice. The
    // current group is unset first so that the visitor is not redirected to
    // the default group tab.
    buddypress()->groups->current_group = 0;
    buddypress()->is_single_item = false;
    bp_do_404();
}
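/**
 * Screen function for a group's forum tab: handles every forum action and
 * then loads the matching template.
 *
 * Request handling, in order:
 *  - bail out when the forums component is inactive or not installed correctly;
 *  - 404 when the first action variable is set but is not 'topic';
 *  - bp_core_no_access() when the current group's user_has_access flag is false;
 *  - dispatch on the topic slug and the remaining action variables.
 *
 * Every state-changing branch verifies its own nonce with
 * check_admin_referer(). Stick/unstick/close/open additionally require a
 * group admin or mod; edit/delete require a group admin, a mod or the author
 * of the topic or post. Users banned from the group are kept out of the
 * reply, edit and delete branches and cannot create topics.
 *
 * @return false|void False when forums are unavailable or this is not a
 *                    single item; otherwise nothing.
 */
function groups_screen_group_forum()
{
    if (!bp_is_active('forums') || !bp_forums_is_installed_correctly()) {
        return false;
    }
    if (bp_action_variable(0) && !bp_is_action_variable('topic', 0)) {
        bp_do_404();
        return;
    }
    $bp = buddypress();
    // Group-level access gate: everything below assumes the visitor may see
    // this group's content.
    if (!$bp->groups->current_group->user_has_access) {
        bp_core_no_access();
        return;
    }
    if (!bp_is_single_item()) {
        return false;
    }
    // Fetch the details we need.
    $topic_slug = (string) bp_action_variable(1);
    $topic_id = bp_forums_get_topic_id_from_slug($topic_slug);
    $forum_id = groups_get_groupmeta($bp->groups->current_group->id, 'forum_id');
    // Moderators ('bp_moderate') are never treated as banned.
    $user_is_banned = false;
    if (!bp_current_user_can('bp_moderate') && groups_is_user_banned(bp_loggedin_user_id(), $bp->groups->current_group->id)) {
        $user_is_banned = true;
    }
    if (!empty($topic_slug) && !empty($topic_id)) {
        if (!$user_is_banned && !bp_action_variable(2) && isset($_POST['submit_reply'])) {
            // Posting a reply.
            // Check the nonce.
            check_admin_referer('bp_forums_new_reply');
            // Auto join this user if they are not yet a member of this group.
            if (bp_groups_auto_join() && !bp_current_user_can('bp_moderate') && 'public' == $bp->groups->current_group->status && !groups_is_user_member(bp_loggedin_user_id(), $bp->groups->current_group->id)) {
                groups_join_group($bp->groups->current_group->id, bp_loggedin_user_id());
            }
            $topic_page = isset($_GET['topic_page']) ? $_GET['topic_page'] : false;
            // Don't allow reply flooding.
            if (bp_forums_reply_exists($_POST['reply_text'], $topic_id, bp_loggedin_user_id())) {
                bp_core_add_message(__('It looks like you\'ve already said that!', 'buddypress'), 'error');
            } else {
                if (!($post_id = groups_new_group_forum_post($_POST['reply_text'], $topic_id, $topic_page))) {
                    bp_core_add_message(__('There was an error when replying to that topic', 'buddypress'), 'error');
                } else {
                    bp_core_add_message(__('Your reply was posted successfully', 'buddypress'));
                }
            }
            // The query string is request-controlled; it is only appended
            // after the group permalink path, never used as the target itself.
            $query_vars = isset($_SERVER['QUERY_STRING']) ? '?' . $_SERVER['QUERY_STRING'] : '';
            $redirect = bp_get_group_permalink(groups_get_current_group()) . 'forum/topic/' . $topic_slug . '/' . $query_vars;
            if (!empty($post_id)) {
                $redirect .= '#post-' . $post_id;
            }
            bp_core_redirect($redirect);
        } elseif (bp_is_action_variable('stick', 2) && (bp_is_item_admin() || bp_is_item_mod())) {
            // Check the nonce.
            check_admin_referer('bp_forums_stick_topic');
            if (!bp_forums_sticky_topic(array('topic_id' => $topic_id))) {
                bp_core_add_message(__('There was an error when making that topic a sticky', 'buddypress'), 'error');
            } else {
                bp_core_add_message(__('The topic was made sticky successfully', 'buddypress'));
            }
            /**
             * Fires after a group forum topic has been stickied.
             *
             * @since 1.1.0
             *
             * @param int $topic_id ID of the topic being stickied.
             */
            do_action('groups_stick_forum_topic', $topic_id);
            bp_core_redirect(wp_get_referer());
        } elseif (bp_is_action_variable('unstick', 2) && (bp_is_item_admin() || bp_is_item_mod())) {
            // Check the nonce.
            check_admin_referer('bp_forums_unstick_topic');
            if (!bp_forums_sticky_topic(array('topic_id' => $topic_id, 'mode' => 'unstick'))) {
                bp_core_add_message(__('There was an error when unsticking that topic', 'buddypress'), 'error');
            } else {
                bp_core_add_message(__('The topic was unstuck successfully', 'buddypress'));
            }
            /**
             * Fires after a group forum topic has been un-stickied.
             *
             * @since 1.1.0
             *
             * @param int $topic_id ID of the topic being un-stickied.
             */
            do_action('groups_unstick_forum_topic', $topic_id);
            bp_core_redirect(wp_get_referer());
        } elseif (bp_is_action_variable('close', 2) && (bp_is_item_admin() || bp_is_item_mod())) {
            // Check the nonce.
            check_admin_referer('bp_forums_close_topic');
            if (!bp_forums_openclose_topic(array('topic_id' => $topic_id))) {
                bp_core_add_message(__('There was an error when closing that topic', 'buddypress'), 'error');
            } else {
                bp_core_add_message(__('The topic was closed successfully', 'buddypress'));
            }
            /**
             * Fires after a group forum topic has been closed.
             *
             * @since 1.1.0
             *
             * @param int $topic_id ID of the topic being closed.
             */
            do_action('groups_close_forum_topic', $topic_id);
            bp_core_redirect(wp_get_referer());
        } elseif (bp_is_action_variable('open', 2) && (bp_is_item_admin() || bp_is_item_mod())) {
            // Check the nonce.
            check_admin_referer('bp_forums_open_topic');
            if (!bp_forums_openclose_topic(array('topic_id' => $topic_id, 'mode' => 'open'))) {
                bp_core_add_message(__('There was an error when opening that topic', 'buddypress'), 'error');
            } else {
                bp_core_add_message(__('The topic was opened successfully', 'buddypress'));
            }
            /**
             * Fires after a group forum topic has been opened.
             *
             * @since 1.1.0
             *
             * @param int $topic_id ID of the topic being opened.
             */
            do_action('groups_open_forum_topic', $topic_id);
            bp_core_redirect(wp_get_referer());
        } elseif (empty($user_is_banned) && bp_is_action_variable('delete', 2) && !bp_action_variable(3)) {
            // Deleting a topic.
            // Fetch the topic.
            $topic = bp_forums_get_topic_details($topic_id);
            // Only a group admin, a mod or the topic author may delete it.
            if (!bp_is_item_admin() && !bp_is_item_mod() && (int) bp_loggedin_user_id() != (int) $topic->topic_poster) {
                bp_core_redirect(wp_get_referer());
                // Fail closed: never reach the delete below, even if the
                // redirect helper returns instead of ending the request.
                return;
            }
            // Check the nonce.
            check_admin_referer('bp_forums_delete_topic');
            /**
             * Fires before a group forum topic is deleted.
             *
             * @since 1.5.0
             *
             * @param int $topic_id ID of the topic being deleted.
             */
            do_action('groups_before_delete_forum_topic', $topic_id);
            if (!groups_delete_group_forum_topic($topic_id)) {
                bp_core_add_message(__('There was an error deleting the topic', 'buddypress'), 'error');
            } else {
                bp_core_add_message(__('The topic was deleted successfully', 'buddypress'));
            }
            /**
             * Fires after a group forum topic has been deleted.
             *
             * @since 1.5.0
             *
             * @param int $topic_id ID of the topic being deleted.
             */
            do_action('groups_delete_forum_topic', $topic_id);
            bp_core_redirect(bp_get_group_permalink(groups_get_current_group()) . 'forum/');
        } elseif (empty($user_is_banned) && bp_is_action_variable('edit', 2) && !bp_action_variable(3)) {
            // Editing a topic.
            // Fetch the topic.
            $topic = bp_forums_get_topic_details($topic_id);
            // Only a group admin, a mod or the topic author may edit it.
            if (!bp_is_item_admin() && !bp_is_item_mod() && (int) bp_loggedin_user_id() != (int) $topic->topic_poster) {
                bp_core_redirect(wp_get_referer());
                // Fail closed: see the delete-topic branch.
                return;
            }
            if (isset($_POST['save_changes'])) {
                // Check the nonce.
                check_admin_referer('bp_forums_edit_topic');
                $topic_tags = !empty($_POST['topic_tags']) ? $_POST['topic_tags'] : false;
                if (!groups_update_group_forum_topic($topic_id, $_POST['topic_title'], $_POST['topic_text'], $topic_tags)) {
                    bp_core_add_message(__('There was an error when editing that topic', 'buddypress'), 'error');
                } else {
                    bp_core_add_message(__('The topic was edited successfully', 'buddypress'));
                }
                /**
                 * Fires after a group forum topic has been edited.
                 *
                 * @since 1.1.0
                 *
                 * @param int $topic_id ID of the topic being edited.
                 */
                do_action('groups_edit_forum_topic', $topic_id);
                bp_core_redirect(bp_get_group_permalink(groups_get_current_group()) . 'forum/topic/' . $topic_slug . '/');
            }
            /**
             * Filters the template to load for a topic edit page.
             *
             * @since 1.1.0
             *
             * @param string $value Path to a topic edit template.
             */
            bp_core_load_template(apply_filters('groups_template_group_forum_topic_edit', 'groups/single/home'));
        } elseif (empty($user_is_banned) && bp_is_action_variable('delete', 2) && ($post_id = bp_action_variable(4))) {
            // Deleting a post.
            // Fetch the post.
            $post = bp_forums_get_post($post_id);
            // Only a group admin, a mod or the post author may delete it.
            if (!bp_is_item_admin() && !bp_is_item_mod() && (int) bp_loggedin_user_id() != (int) $post->poster_id) {
                bp_core_redirect(wp_get_referer());
                // Fail closed: see the delete-topic branch.
                return;
            }
            // Check the nonce.
            check_admin_referer('bp_forums_delete_post');
            /**
             * Fires before the deletion of a group forum post.
             *
             * @since 1.5.0
             *
             * @param int $post_id ID of the forum post being deleted.
             */
            do_action('groups_before_delete_forum_post', $post_id);
            if (!groups_delete_group_forum_post($post_id)) {
                bp_core_add_message(__('There was an error deleting that post', 'buddypress'), 'error');
            } else {
                bp_core_add_message(__('The post was deleted successfully', 'buddypress'));
            }
            /**
             * Fires after the deletion of a group forum post.
             *
             * @since 1.1.0
             *
             * @param int $post_id ID of the forum post being deleted.
             */
            do_action('groups_delete_forum_post', $post_id);
            bp_core_redirect(wp_get_referer());
        } elseif (empty($user_is_banned) && bp_is_action_variable('edit', 2) && ($post_id = bp_action_variable(4))) {
            // Editing a post.
            // Fetch the post.
            $post = bp_forums_get_post($post_id);
            // Only a group admin, a mod or the post author may edit it.
            if (!bp_is_item_admin() && !bp_is_item_mod() && (int) bp_loggedin_user_id() != (int) $post->poster_id) {
                bp_core_redirect(wp_get_referer());
                // Fail closed: see the delete-topic branch.
                return;
            }
            if (isset($_POST['save_changes'])) {
                // Check the nonce.
                check_admin_referer('bp_forums_edit_post');
                $topic_page = isset($_GET['topic_page']) ? $_GET['topic_page'] : false;
                if (!($post_id = groups_update_group_forum_post($post_id, $_POST['post_text'], $topic_id, $topic_page))) {
                    bp_core_add_message(__('There was an error when editing that post', 'buddypress'), 'error');
                } else {
                    bp_core_add_message(__('The post was edited successfully', 'buddypress'));
                }
                // Always defined, so the redirect below never reads an unset
                // variable when the request carries no query string.
                $query_vars = !empty($_SERVER['QUERY_STRING']) ? '?' . $_SERVER['QUERY_STRING'] : '';
                /**
                 * Fires after the editing of a group forum post.
                 *
                 * @since 1.1.0
                 *
                 * @param int $post_id ID of the forum post being edited.
                 */
                do_action('groups_edit_forum_post', $post_id);
                bp_core_redirect(bp_get_group_permalink($bp->groups->current_group) . 'forum/topic/' . $topic_slug . '/' . $query_vars . '#post-' . $post_id);
            }
            /** This filter is documented in bp-groups/bp-groups-screens.php */
            bp_core_load_template(apply_filters('groups_template_group_forum_topic_edit', 'groups/single/home'));
        } else {
            // Standard topic display.
            if (!empty($user_is_banned)) {
                bp_core_add_message(__("You have been banned from this group.", 'buddypress'));
            }
            /**
             * Filters the template to load for a topic page.
             *
             * @since 1.1.0
             *
             * @param string $value Path to a topic template.
             */
            bp_core_load_template(apply_filters('groups_template_group_forum_topic', 'groups/single/home'));
        }
    } elseif (!empty($topic_slug) && empty($topic_id)) {
        // Forum topic does not exist.
        bp_do_404();
        return;
    } else {
        // Posting a topic.
        if (isset($_POST['submit_topic']) && bp_is_active('forums')) {
            // Check the nonce.
            check_admin_referer('bp_forums_new_topic');
            if ($user_is_banned) {
                // Once set, $error_message is only ever replaced by another
                // error, so a banned user never reaches topic creation.
                $error_message = __("You have been banned from this group.", 'buddypress');
            } elseif (bp_groups_auto_join() && !bp_current_user_can('bp_moderate') && 'public' == $bp->groups->current_group->status && !groups_is_user_member(bp_loggedin_user_id(), $bp->groups->current_group->id)) {
                // Auto join this user if they are not yet a member of this group.
                groups_join_group($bp->groups->current_group->id, bp_loggedin_user_id());
            }
            if (empty($_POST['topic_title'])) {
                $error_message = __('Please provide a title for your forum topic.', 'buddypress');
            } elseif (empty($_POST['topic_text'])) {
                $error_message = __('Forum posts cannot be empty. Please enter some text.', 'buddypress');
            }
            if (empty($forum_id)) {
                $error_message = __('This group does not have a forum setup yet.', 'buddypress');
            }
            if (isset($error_message)) {
                bp_core_add_message($error_message, 'error');
                $redirect = bp_get_group_permalink($bp->groups->current_group) . 'forum';
            } else {
                // Tags are optional in the form; read them the same way the
                // edit-topic branch does instead of indexing an unset key.
                $topic_tags = !empty($_POST['topic_tags']) ? $_POST['topic_tags'] : false;
                if (!($topic = groups_new_group_forum_topic($_POST['topic_title'], $_POST['topic_text'], $topic_tags, $forum_id))) {
                    bp_core_add_message(__('There was an error when creating the topic', 'buddypress'), 'error');
                    $redirect = bp_get_group_permalink($bp->groups->current_group) . 'forum';
                } else {
                    bp_core_add_message(__('The topic was created successfully', 'buddypress'));
                    $redirect = bp_get_group_permalink($bp->groups->current_group) . 'forum/topic/' . $topic->topic_slug . '/';
                }
            }
            bp_core_redirect($redirect);
        }
        /**
         * Fires at the end of the group forum screen loading process.
         *
         * @since 1.0.0
         *
         * @param int $topic_id ID of the topic being displayed.
         * @param int $forum_id ID of the forum being displayed.
         */
        do_action('groups_screen_group_forum', $topic_id, $forum_id);
        /**
         * Filters the template to load for a group forum page.
         *
         * @since 1.0.0
         *
         * @param string $value Path to a group forum template.
         */
        bp_core_load_template(apply_filters('groups_template_group_forum', 'groups/single/home'));
    }
}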
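/**
 * Adds a navigation item to the sub navigation array used in BuddyPress themes.
 *
 * The item is stored in $bp->bp_options_nav[$parent_slug][$slug] whether or
 * not 'user_has_access' is true; the flag is only enforced here when the
 * item is the one currently being requested. Items flagged
 * 'site_admin_only' are not stored at all for users who are not super admins.
 *
 * @package BuddyPress Core
 * @global object $bp Global BuddyPress settings object
 *
 * @param array|string $args Item settings: name, slug, parent_slug,
 *                           parent_url and screen_function are required;
 *                           item_css_id, user_has_access (default true),
 *                           site_admin_only (default false), position
 *                           (default 90) and link are optional.
 * @return bool|null False when required settings are missing or the item is
 *                   admin-only and the user is not a super admin; otherwise
 *                   nothing.
 */
function bp_core_new_subnav_item($args = '')
{
    global $bp;
    $defaults = array('name' => false, 'slug' => false, 'parent_slug' => false, 'parent_url' => false, 'item_css_id' => false, 'user_has_access' => true, 'site_admin_only' => false, 'position' => 90, 'screen_function' => false, 'link' => '');
    $r = nxt_parse_args($args, $defaults);
    // Read each setting explicitly rather than extract()-ing the array into
    // the local scope: only the known keys become variables, and every
    // variable used below has a visible origin.
    // NOTE(review): assumes nxt_parse_args() merges $defaults into the result,
    // so every key read here is present - confirm.
    $name = $r['name'];
    $slug = $r['slug'];
    $parent_slug = $r['parent_slug'];
    $parent_url = $r['parent_url'];
    $item_css_id = $r['item_css_id'];
    $user_has_access = $r['user_has_access'];
    $site_admin_only = $r['site_admin_only'];
    $position = $r['position'];
    $screen_function = $r['screen_function'];
    $link = $r['link'];
    // If we don't have the required info we need, don't create this subnav item
    if (empty($name) || empty($slug) || empty($parent_slug) || empty($parent_url) || empty($screen_function)) {
        return false;
    }
    if (empty($link)) {
        $link = $parent_url . $slug;
    }
    // If this is for site admins only and the user is not one, don't create the subnav item
    if ($site_admin_only && !is_super_admin()) {
        return false;
    }
    if (empty($item_css_id)) {
        $item_css_id = $slug;
    }
    $bp->bp_options_nav[$parent_slug][$slug] = array('name' => $name, 'link' => trailingslashit($link), 'slug' => $slug, 'css_id' => $item_css_id, 'position' => $position, 'user_has_access' => $user_has_access, 'screen_function' => &$screen_function);
    /**
     * The last step is to hook the screen function for the added subnav item. But this only
     * needs to be done if this subnav item is the current view, and the user has access to the
     * subnav item. We figure out whether we're currently viewing this subnav by checking the
     * following two conditions:
     *   (1) Either:
     *       (a) the parent slug matches the current_component, or
     *       (b) the parent slug matches the current_item
     *   (2) And either:
     *       (a) the current_action matches $slug, or
     *       (b) there is no current_action (ie, this is the default subnav for the parent nav)
     *           and this subnav item is the default for the parent item (which we check by
     *           comparing this subnav item's screen function with the screen function of the
     *           parent nav item in $bp->bp_nav). This condition only arises when viewing a
     *           user, since groups should always have an action set.
     */
    // If we *don't* meet condition (1), return
    if ($bp->current_component != $parent_slug && $bp->current_item != $parent_slug) {
        return;
    }
    // If we *do* meet condition (2), then the added subnav item is currently being requested.
    // The grouping is spelled out; it matches PHP's && / || precedence.
    if ((!empty($bp->current_action) && $slug == $bp->current_action) || (bp_is_user() && empty($bp->current_action) && $screen_function == $bp->bp_nav[$parent_slug]['screen_function'])) {
        // Before hooking the screen function, check user access
        if ($user_has_access) {
            // One registration covers function names, array(object, method)
            // pairs and closures; indexing $screen_function[0] first would
            // fail on a closure.
            add_action('bp_screens', $screen_function);
        } else {
            // When the content is off-limits, we handle the situation differently
            // depending on whether the current user is logged in
            if (is_user_logged_in()) {
                // Off-limits to this user. Throw an error and redirect to the displayed user's domain
                bp_core_no_access(array('message' => __('You do not have access to this page.', 'buddypress'), 'root' => bp_displayed_user_domain(), 'redirect' => false));
            } else {
                // Not logged in. Allow the user to log in, and attempt to redirect
                bp_core_no_access();
            }
        }
    }
}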
/**
 * Register a screen function, whether or not a related subnav link exists.
 *
 * The screen function is only hooked when the described item is the view
 * being requested. The 'site_admin_only' restriction is evaluated at that
 * point as well, against the 'bp_moderate' capability.
 *
 * @param array|string $args {
 *     Array describing the new subnav item. The parsed array is handed on to
 *     bp_core_maybe_hook_new_subnav_screen_function() as a whole.
 *     @type string   $slug            Unique URL slug for the subnav item.
 *     @type string   $parent_slug     Slug of the top-level nav item under which the
 *                                     new subnav item should be added.
 *     @type bool     $user_has_access Optional. True if the logged-in user has access to the
 *                                     subnav item, otherwise false. Can be set dynamically
 *                                     when registering the subnav; eg, use bp_is_my_profile()
 *                                     to restrict access to profile owners only. Default: true.
 *     @type string   $no_access_url   Optional. Not read in this function; forwarded with
 *                                     the other arguments. Default: ''.
 *     @type bool     $site_admin_only Optional. Whether the nav item should be visible
 *                                     only to site admins (those with the 'bp_moderate' cap).
 *                                     Default: false.
 *     @type callable $screen_function The callback function that will run
 *                                     when the nav item is clicked.
 * }
 *
 * @return bool|null Returns false on failure.
 */
function bp_core_register_subnav_screen_function($args = '')
{
    $bp = buddypress();
    $item = wp_parse_args($args, array('slug' => false, 'parent_slug' => false, 'user_has_access' => true, 'no_access_url' => '', 'site_admin_only' => false, 'screen_function' => false));

    // Condition (1): the parent slug has to match either the current
    // component or the current item; otherwise this item is not in view.
    if (!bp_is_current_component($item['parent_slug']) && !bp_is_current_item($item['parent_slug'])) {
        return;
    }

    // Condition (2a): there is a current action and it is this item's slug.
    $matches_action = bp_current_action() && bp_is_current_action($item['slug']);
    if (!$matches_action) {
        // Condition (2b): no current action while viewing a user, and this
        // item's screen function is the one registered for the parent nav
        // item in $bp->bp_nav, i.e. this is the parent's default subnav.
        // Groups should always have an action set, so this only arises for
        // users.
        $is_parent_default = bp_is_user() && !bp_current_action() && $item['screen_function'] == $bp->bp_nav[$item['parent_slug']]['screen_function'];
        if (!$is_parent_default) {
            return;
        }
    }

    // The item is the one being requested. Admin-only items stop here for
    // users without the 'bp_moderate' capability.
    if (!empty($item['site_admin_only']) && !bp_current_user_can('bp_moderate')) {
        return false;
    }

    $outcome = bp_core_maybe_hook_new_subnav_screen_function($item);

    // A 'failure' status accompanied by redirect args means access was
    // refused; perform the redirect now.
    if (isset($outcome['status'], $outcome['redirect_args']) && 'failure' === $outcome['status']) {
        bp_core_no_access($outcome['redirect_args']);
    }
}
Beispiel #5
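 /**
  * Catches page loads, determines what to do, and sends users on their merry way
  *
  * Handles, in order: saving a doc, list filters, permission and edit-lock
  * checks for the edit screen, permission checks for the create and history
  * screens, releasing an edit lock, cancelling an edit, and trashing or
  * untrashing a doc. Save, lock release, delete and untrash verify a nonce
  * with check_admin_referer(); cancel_edit does not (see the note there).
  *
  * @package BuddyPress Docs
  * @since 1.0-beta
  * @todo This needs a ton of cleanup
  */
 function catch_page_load()
 {
     global $bp;
     if (!empty($_POST['doc-edit-submit'])) {
         check_admin_referer('bp_docs_save');
         // No capability check is visible on this path.
         // NOTE(review): presumably BP_Docs_Query::save() enforces edit and
         // create permissions - confirm.
         $this_doc = new BP_Docs_Query();
         $result = $this_doc->save();
         bp_core_add_message($result['message'], $result['message_type']);
         bp_core_redirect(trailingslashit($result['redirect_url']));
     }
     if (!empty($_POST['docs-filter-submit'])) {
         $this->handle_filters();
     }
     // If this is the edit screen, ensure that the user can edit the
     // doc before querying, and redirect if necessary
     if (bp_docs_is_doc_edit()) {
         if (current_user_can('bp_docs_edit')) {
             $doc = bp_docs_get_current_doc();
             // The user can edit, so we check for edit locks
             // Because we're not using WP autosave at the moment, ensure that
             // the lock interval always returns as in process.
             // A closure replaces create_function(), which evaluates a code
             // string at runtime and no longer exists in PHP 8.
             add_filter('wp_check_post_lock_window', function () {
                 return time();
             });
             $lock = bp_docs_check_post_lock($doc->ID);
             if ($lock) {
                 bp_core_add_message(sprintf(__('This doc is currently being edited by %s. To prevent overwrites, you cannot edit until that user has finished. Please try again in a few minutes.', 'bp-docs'), bp_core_get_user_displayname($lock)), 'error');
                 // Redirect back to the non-edit view of this document
                 bp_core_redirect(bp_docs_get_doc_link($doc->ID));
                 die;
             }
         } else {
             if (function_exists('bp_core_no_access') && !is_user_logged_in()) {
                 bp_core_no_access();
             }
             // The user does not have edit permission. Redirect.
             bp_core_add_message(__('You do not have permission to edit the doc.', 'bp-docs'), 'error');
             // The doc has not been fetched on this path yet; load it so the
             // redirect target is built from a real ID.
             $doc = bp_docs_get_current_doc();
             // Redirect back to the non-edit view of this document
             bp_core_redirect(bp_docs_get_doc_link($doc->ID));
             die;
         }
     }
     if (bp_docs_is_doc_create()) {
         if (!current_user_can('bp_docs_create')) {
             // The user does not have create permission. Redirect.
             if (function_exists('bp_core_no_access') && !is_user_logged_in()) {
                 bp_core_no_access();
             }
             bp_core_add_message(__('You do not have permission to create a Doc in this group.', 'bp-docs'), 'error');
             $group_permalink = bp_get_group_permalink($bp->groups->current_group);
             // Redirect back to the Doc list view
             bp_core_redirect($group_permalink . $bp->bp_docs->slug . '/');
             die;
         }
     }
     if (!empty($bp->bp_docs->current_view) && 'history' == $bp->bp_docs->current_view) {
         if (!current_user_can('bp_docs_view_history')) {
             // The user may not view the history. Redirect.
             if (function_exists('bp_core_no_access') && !is_user_logged_in()) {
                 bp_core_no_access();
             }
             bp_core_add_message(__('You do not have permission to view this Doc\'s history.', 'bp-docs'), 'error');
             $doc = bp_docs_get_current_doc();
             $redirect = bp_docs_get_doc_link($doc->ID);
             // Redirect back to the non-history view of this document
             bp_core_redirect($redirect);
             die;
         }
     }
     // Cancel edit lock
     if (!empty($_GET['bpd_action']) && $_GET['bpd_action'] == 'cancel_edit_lock') {
         // Check the nonce
         check_admin_referer('bp_docs_cancel_edit_lock');
         // Todo: make this part of the perms system
         // Only super admins and group admins may release someone else's
         // lock; anyone else falls through without any change.
         if (is_super_admin() || bp_group_is_admin()) {
             $doc = bp_docs_get_current_doc();
             // Todo: get this into a proper method as well, blech
             delete_post_meta($doc->ID, '_bp_docs_last_pinged');
             bp_core_add_message(__('Lock successfully removed', 'bp-docs'));
             bp_core_redirect(bp_docs_get_doc_link($doc->ID));
             die;
         }
     }
     // Cancel edit
     // Have to have a catcher for this so the edit lock can be removed
     // NOTE(review): this GET request clears the edit lock without a nonce or
     // a capability check in this method, unlike cancel_edit_lock above.
     // Adding check_admin_referer() here needs a matching nonce on the
     // "cancel" link, which is generated outside this method.
     if (!empty($_GET['bpd_action']) && $_GET['bpd_action'] == 'cancel_edit') {
         $doc = bp_docs_get_current_doc();
         // Todo: get this into a proper method as well, blech
         delete_post_meta($doc->ID, '_bp_docs_last_pinged');
         bp_core_redirect(bp_docs_get_doc_link($doc->ID));
         die;
     }
     // Todo: get this into a proper method
     if (bp_docs_is_doc_read() && !empty($_GET['delete'])) {
         check_admin_referer('bp_docs_delete');
         // NOTE(review): the capability is checked without a doc ID here,
         // while the untrash branch below passes one - confirm that the
         // check resolves to the doc being deleted.
         if (current_user_can('bp_docs_manage')) {
             $delete_doc_id = get_queried_object_id();
             if (bp_docs_trash_doc($delete_doc_id)) {
                 bp_core_add_message(__('Doc successfully deleted!', 'bp-docs'));
             } else {
                 // Failures are reported with the 'error' type, like the
                 // permission failure below.
                 bp_core_add_message(__('Could not delete doc.', 'bp-docs'), 'error');
             }
         } else {
             bp_core_add_message(__('You do not have permission to delete that doc.', 'bp-docs'), 'error');
         }
         bp_core_redirect(home_url(bp_docs_get_docs_slug()));
         die;
     }
     if (bp_docs_is_doc_read() && !empty($_GET['untrash']) && !empty($_GET['doc_id'])) {
         check_admin_referer('bp_docs_untrash');
         // The doc ID comes from the query string; absint() reduces it to a
         // non-negative integer before it is used anywhere.
         $untrash_doc_id = absint($_GET['doc_id']);
         if (current_user_can('bp_docs_manage', $untrash_doc_id)) {
             if (bp_docs_untrash_doc($untrash_doc_id)) {
                 bp_core_add_message(__('Doc successfully removed from Trash!', 'bp-docs'));
             } else {
                 bp_core_add_message(__('Could not remove Doc from Trash.', 'bp-docs'), 'error');
             }
         } else {
             bp_core_add_message(__('You do not have permission to remove that Doc from the Trash.', 'bp-docs'), 'error');
         }
         bp_core_redirect(bp_docs_get_doc_link($untrash_doc_id));
         die;
     }
 }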
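/**
 * Screen handler for a group's forum tab.
 *
 * Dispatches on the action variables that follow `forum/`: posting a reply,
 * sticking / unsticking, closing / opening, deleting or editing a topic,
 * deleting or editing a single post, creating a topic, or simply loading the
 * forum template.
 *
 * Every state-changing branch verifies its own nonce with
 * check_admin_referer(). A nonce only shows the request was built from a page
 * rendered for this user; it does not authorize the action, so each branch
 * also tests the caller's role (item admin / item mod) or authorship.
 *
 * @package BuddyPress
 *
 * @global object $bp BuddyPress global; this function reads
 *                    groups->current_group, is_item_admin and is_item_mod.
 *
 * @return false|null False when the forums component is inactive or not
 *                    installed correctly, otherwise no value.
 */
function groups_screen_group_forum()
{
    global $bp;
    if (!bp_is_active('forums') || !bp_forums_is_installed_correctly()) {
        return false;
    }
    // Anything after "forum/" other than "topic/..." is not a valid URL here
    if (bp_action_variable(0) && !bp_is_action_variable('topic', 0)) {
        bp_do_404();
        return;
    }
    if (!$bp->groups->current_group->user_has_access) {
        bp_core_no_access();
        return;
    }
    if (!bp_is_single_item()) {
        return;
    }
    // Fetch the details we need
    $topic_slug = (string) bp_action_variable(1);
    $topic_id = bp_forums_get_topic_id_from_slug($topic_slug);
    $forum_id = groups_get_groupmeta($bp->groups->current_group->id, 'forum_id');
    // Users with the 'bp_moderate' cap are never treated as banned
    $user_is_banned = false;
    if (!bp_current_user_can('bp_moderate') && groups_is_user_banned(bp_loggedin_user_id(), $bp->groups->current_group->id)) {
        $user_is_banned = true;
    }
    // Test the VALUE of the role flags. isset() is also true for a flag that
    // is set to false, which would let any member through the moderation
    // branches below.
    $can_moderate = !empty($bp->is_item_admin) || !empty($bp->is_item_mod);
    // Appended to two redirect URLs below; must exist even without a query string
    $query_vars = '';
    if (!empty($topic_slug) && !empty($topic_id)) {
        if (!$user_is_banned && !bp_action_variable(2) && isset($_POST['submit_reply'])) {
            // Posting a reply
            check_admin_referer('bp_forums_new_reply');
            // Auto join this user if they are not yet a member of this group
            if (bp_groups_auto_join() && !bp_current_user_can('bp_moderate') && 'public' == $bp->groups->current_group->status && !groups_is_user_member(bp_loggedin_user_id(), $bp->groups->current_group->id)) {
                groups_join_group($bp->groups->current_group->id, bp_loggedin_user_id());
            }
            $topic_page = isset($_GET['topic_page']) ? $_GET['topic_page'] : false;
            // NOTE(review): reply_text and topic_page are raw request values;
            // this function assumes the helper sanitises them - confirm.
            if (!($post_id = groups_new_group_forum_post($_POST['reply_text'], $topic_id, $topic_page))) {
                bp_core_add_message(__('There was an error when replying to that topic', 'buddypress'), 'error');
            } else {
                bp_core_add_message(__('Your reply was posted successfully', 'buddypress'));
            }
            if (isset($_SERVER['QUERY_STRING'])) {
                $query_vars = '?' . $_SERVER['QUERY_STRING'];
            }
            bp_core_redirect(bp_get_group_permalink(groups_get_current_group()) . 'forum/topic/' . $topic_slug . '/' . $query_vars . '#post-' . $post_id);
        } elseif (bp_is_action_variable('stick', 2) && $can_moderate) {
            // Sticky a topic (group admins and mods only)
            check_admin_referer('bp_forums_stick_topic');
            if (!bp_forums_sticky_topic(array('topic_id' => $topic_id))) {
                bp_core_add_message(__('There was an error when making that topic a sticky', 'buddypress'), 'error');
            } else {
                bp_core_add_message(__('The topic was made sticky successfully', 'buddypress'));
            }
            do_action('groups_stick_forum_topic', $topic_id);
            bp_core_redirect(wp_get_referer());
        } elseif (bp_is_action_variable('unstick', 2) && $can_moderate) {
            // Un-sticky a topic (group admins and mods only)
            check_admin_referer('bp_forums_unstick_topic');
            if (!bp_forums_sticky_topic(array('topic_id' => $topic_id, 'mode' => 'unstick'))) {
                bp_core_add_message(__('There was an error when unsticking that topic', 'buddypress'), 'error');
            } else {
                bp_core_add_message(__('The topic was unstuck successfully', 'buddypress'));
            }
            do_action('groups_unstick_forum_topic', $topic_id);
            bp_core_redirect(wp_get_referer());
        } elseif (bp_is_action_variable('close', 2) && $can_moderate) {
            // Close a topic (group admins and mods only)
            check_admin_referer('bp_forums_close_topic');
            if (!bp_forums_openclose_topic(array('topic_id' => $topic_id))) {
                bp_core_add_message(__('There was an error when closing that topic', 'buddypress'), 'error');
            } else {
                bp_core_add_message(__('The topic was closed successfully', 'buddypress'));
            }
            do_action('groups_close_forum_topic', $topic_id);
            bp_core_redirect(wp_get_referer());
        } elseif (bp_is_action_variable('open', 2) && $can_moderate) {
            // Re-open a topic (group admins and mods only)
            check_admin_referer('bp_forums_open_topic');
            if (!bp_forums_openclose_topic(array('topic_id' => $topic_id, 'mode' => 'open'))) {
                bp_core_add_message(__('There was an error when opening that topic', 'buddypress'), 'error');
            } else {
                bp_core_add_message(__('The topic was opened successfully', 'buddypress'));
            }
            do_action('groups_open_forum_topic', $topic_id);
            bp_core_redirect(wp_get_referer());
        } elseif (empty($user_is_banned) && bp_is_action_variable('delete', 2) && !bp_action_variable(3)) {
            // Delete a topic: allowed for admins, mods and the topic's author
            $topic = bp_forums_get_topic_details($topic_id);
            if (!$can_moderate && (int) bp_loggedin_user_id() != (int) $topic->topic_poster) {
                bp_core_redirect(wp_get_referer());
                // Do not depend on the redirect helper ending the request:
                // falling through would delete the topic for a non-owner.
                return;
            }
            check_admin_referer('bp_forums_delete_topic');
            do_action('groups_before_delete_forum_topic', $topic_id);
            if (!groups_delete_group_forum_topic($topic_id)) {
                bp_core_add_message(__('There was an error deleting the topic', 'buddypress'), 'error');
            } else {
                bp_core_add_message(__('The topic was deleted successfully', 'buddypress'));
            }
            do_action('groups_delete_forum_topic', $topic_id);
            bp_core_redirect(bp_get_group_permalink(groups_get_current_group()) . 'forum/');
        } elseif (empty($user_is_banned) && bp_is_action_variable('edit', 2) && !bp_action_variable(3)) {
            // Edit a topic: allowed for admins, mods and the topic's author
            $topic = bp_forums_get_topic_details($topic_id);
            if (!$can_moderate && (int) bp_loggedin_user_id() != (int) $topic->topic_poster) {
                bp_core_redirect(wp_get_referer());
                // Same reasoning as for delete: never reach the update below
                return;
            }
            if (isset($_POST['save_changes'])) {
                check_admin_referer('bp_forums_edit_topic');
                $topic_tags = !empty($_POST['topic_tags']) ? $_POST['topic_tags'] : false;
                if (!groups_update_group_forum_topic($topic_id, $_POST['topic_title'], $_POST['topic_text'], $topic_tags)) {
                    bp_core_add_message(__('There was an error when editing that topic', 'buddypress'), 'error');
                } else {
                    bp_core_add_message(__('The topic was edited successfully', 'buddypress'));
                }
                do_action('groups_edit_forum_topic', $topic_id);
                bp_core_redirect(bp_get_group_permalink(groups_get_current_group()) . 'forum/topic/' . $topic_slug . '/');
            }
            bp_core_load_template(apply_filters('groups_template_group_forum_topic_edit', 'groups/single/home'));
        } elseif (empty($user_is_banned) && bp_is_action_variable('delete', 2) && ($post_id = bp_action_variable(4))) {
            // Delete a single post: allowed for admins, mods and the post's author
            $post = bp_forums_get_post($post_id);
            if (!$can_moderate && (int) bp_loggedin_user_id() != (int) $post->poster_id) {
                bp_core_redirect(wp_get_referer());
                return;
            }
            check_admin_referer('bp_forums_delete_post');
            do_action('groups_before_delete_forum_post', $post_id);
            if (!groups_delete_group_forum_post($post_id)) {
                bp_core_add_message(__('There was an error deleting that post', 'buddypress'), 'error');
            } else {
                bp_core_add_message(__('The post was deleted successfully', 'buddypress'));
            }
            do_action('groups_delete_forum_post', $post_id);
            bp_core_redirect(wp_get_referer());
        } elseif (empty($user_is_banned) && bp_is_action_variable('edit', 2) && ($post_id = bp_action_variable(4))) {
            // Edit a single post: allowed for admins, mods and the post's author
            $post = bp_forums_get_post($post_id);
            if (!$can_moderate && (int) bp_loggedin_user_id() != (int) $post->poster_id) {
                bp_core_redirect(wp_get_referer());
                return;
            }
            if (isset($_POST['save_changes'])) {
                check_admin_referer('bp_forums_edit_post');
                $topic_page = isset($_GET['topic_page']) ? $_GET['topic_page'] : false;
                if (!($post_id = groups_update_group_forum_post($post_id, $_POST['post_text'], $topic_id, $topic_page))) {
                    bp_core_add_message(__('There was an error when editing that post', 'buddypress'), 'error');
                } else {
                    bp_core_add_message(__('The post was edited successfully', 'buddypress'));
                }
                if (!empty($_SERVER['QUERY_STRING'])) {
                    $query_vars = '?' . $_SERVER['QUERY_STRING'];
                }
                do_action('groups_edit_forum_post', $post_id);
                bp_core_redirect(bp_get_group_permalink($bp->groups->current_group) . 'forum/topic/' . $topic_slug . '/' . $query_vars . '#post-' . $post_id);
            }
            bp_core_load_template(apply_filters('groups_template_group_forum_topic_edit', 'groups/single/home'));
        } else {
            // No action requested (or the user is banned): just show the topic
            if (!empty($user_is_banned)) {
                bp_core_add_message(__("You have been banned from this group.", 'buddypress'));
            }
            bp_core_load_template(apply_filters('groups_template_group_forum_topic', 'groups/single/home'));
        }
    } elseif (!empty($topic_slug) && empty($topic_id)) {
        // Forum topic does not exist
        bp_do_404();
        return;
    } else {
        // Posting a topic
        if (isset($_POST['submit_topic']) && bp_is_active('forums')) {
            check_admin_referer('bp_forums_new_topic');
            if ($user_is_banned) {
                $error_message = __("You have been banned from this group.", 'buddypress');
            } elseif (bp_groups_auto_join() && !bp_current_user_can('bp_moderate') && 'public' == $bp->groups->current_group->status && !groups_is_user_member(bp_loggedin_user_id(), $bp->groups->current_group->id)) {
                // Auto join this user if they are not yet a member of this group
                groups_join_group($bp->groups->current_group->id, bp_loggedin_user_id());
            }
            if (empty($_POST['topic_title'])) {
                $error_message = __('Please provide a title for your forum topic.', 'buddypress');
            } elseif (empty($_POST['topic_text'])) {
                $error_message = __('Forum posts cannot be empty. Please enter some text.', 'buddypress');
            }
            if (empty($forum_id)) {
                $error_message = __('This group does not have a forum setup yet.', 'buddypress');
            }
            if (isset($error_message)) {
                // Any error recorded above (including the ban) blocks topic creation
                bp_core_add_message($error_message, 'error');
                $redirect = bp_get_group_permalink($bp->groups->current_group) . 'forum';
            } else {
                // The tags field may be absent from the submission
                $topic_tags = isset($_POST['topic_tags']) ? $_POST['topic_tags'] : null;
                if (!($topic = groups_new_group_forum_topic($_POST['topic_title'], $_POST['topic_text'], $topic_tags, $forum_id))) {
                    bp_core_add_message(__('There was an error when creating the topic', 'buddypress'), 'error');
                    $redirect = bp_get_group_permalink($bp->groups->current_group) . 'forum';
                } else {
                    bp_core_add_message(__('The topic was created successfully', 'buddypress'));
                    $redirect = bp_get_group_permalink($bp->groups->current_group) . 'forum/topic/' . $topic->topic_slug . '/';
                }
            }
            bp_core_redirect($redirect);
        }
        do_action('groups_screen_group_forum', $topic_id, $forum_id);
        bp_core_load_template(apply_filters('groups_template_group_forum', 'groups/single/home'));
    }
}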
 /**
  * Set up the groups component globals.
  *
  * In order: registers the component slug and table names with the parent
  * class, resolves the group being viewed (if any) and records the current
  * user's admin / mod / member flags for it, prepares the canonical URL
  * stack, applies the group access rules, and defines the group creation
  * steps, valid statuses and the auto-join setting.
  *
  * The BP_GROUPS_SLUG constant is deprecated, and only used here for
  * backwards compatibility.
  *
  * @since BuddyPress (1.5)
  * @global BuddyPress $bp The one true BuddyPress instance
  */
 function setup_globals()
 {
     global $bp;
     // Fall back to the component id when no slug constant exists yet
     if (!defined('BP_GROUPS_SLUG')) {
         define('BP_GROUPS_SLUG', $this->id);
     }
     // Table names and general settings for the groups component
     $prefix = $bp->table_prefix;
     $root_slug = isset($bp->pages->groups->slug) ? $bp->pages->groups->slug : BP_GROUPS_SLUG;
     parent::setup_globals(array(
         'slug' => BP_GROUPS_SLUG,
         'root_slug' => $root_slug,
         'has_directory' => true,
         'notification_callback' => 'groups_format_notifications',
         'search_string' => __('Search Groups...', 'buddypress'),
         'global_tables' => array(
             'table_name' => $prefix . 'bp_groups',
             'table_name_members' => $prefix . 'bp_groups_members',
             'table_name_groupmeta' => $prefix . 'bp_groups_groupmeta',
         ),
     ));
     /** Single Group Globals **********************************************/
     // The current action names the group when a single group is being viewed
     $group_id = bp_is_groups_component() ? BP_Groups_Group::group_exists(bp_current_action()) : false;
     if ($group_id) {
         $bp->is_single_item = true;
         // Both the class and the resulting object can be swapped by plugins
         $group_class = apply_filters('bp_groups_current_group_class', 'BP_Groups_Group');
         $this->current_group = apply_filters('bp_groups_current_group_object', new $group_class($group_id));
         // The group slug occupies the action position in the URL, so shift
         // everything down by one and keep the slug as current_item.
         $bp->current_item = bp_current_action();
         $bp->current_action = bp_action_variable(0);
         array_shift($bp->action_variables);
         // "item" rather than "group" so other components can share the flag.
         // Users with 'bp_moderate' count as admin of every group.
         $is_admin = bp_current_user_can('bp_moderate')
             ? true
             : groups_is_user_admin(bp_loggedin_user_id(), $this->current_group->id);
         bp_update_is_item_admin($is_admin, 'groups');
         // Moderator status is only looked up for non-admins
         if (!bp_is_item_admin()) {
             bp_update_is_item_mod(groups_is_user_mod(bp_loggedin_user_id(), $this->current_group->id), 'groups');
         }
         // Membership requires a logged-in user
         $this->current_group->is_user_member = (is_user_logged_in() && groups_is_user_member(bp_loggedin_user_id(), $this->current_group->id));
         // Public groups are visible to everyone, other groups to members only
         $this->current_group->is_visible = ('public' == $this->current_group->status || $this->current_group->is_user_member);
         // Private and hidden groups grant access to logged-in members and to
         // users with 'bp_moderate'; every other status is open.
         $is_restricted = ('private' == $this->current_group->status || 'hidden' == $this->current_group->status);
         $this->current_group->user_has_access = (!$is_restricted || ($this->current_group->is_user_member && is_user_logged_in()) || bp_current_user_can('bp_moderate'));
     } else {
         // Set current_group to 0 to prevent debug errors
         $this->current_group = 0;
     }
     // Illegal group names/slugs
     $reserved = array('my-groups', 'create', 'invites', 'send-invites', 'forum', 'delete', 'add', 'admin', 'request-membership', 'members', 'settings', 'avatar', $this->slug, $this->root_slug);
     $this->forbidden_names = apply_filters('groups_forbidden_names', $reserved);
     // A group URL was requested but no group carries that slug: 404
     if (bp_is_groups_component() && empty($this->current_group) && bp_current_action() && !in_array(bp_current_action(), $this->forbidden_names)) {
         bp_do_404();
         return;
     }
     if (bp_is_groups_component() && !empty($this->current_group)) {
         $fallback_extension = defined('BP_GROUPS_DEFAULT_EXTENSION') ? BP_GROUPS_DEFAULT_EXTENSION : 'home';
         $this->default_extension = apply_filters('bp_groups_default_extension', $fallback_extension);
         if (!bp_current_action()) {
             $bp->current_action = $this->default_extension;
         }
         // Prepare for a redirect to the canonical URL
         $bp->canonical_stack['base_url'] = bp_get_group_permalink($this->current_group);
         if (bp_current_action()) {
             $bp->canonical_stack['action'] = bp_current_action();
         }
         if (!empty($bp->action_variables)) {
             $bp->canonical_stack['action_variables'] = bp_action_variables();
         }
         // The default extension's slug is left out of the canonical URL
         // unless action variables follow it
         if (bp_is_current_action($this->default_extension) && empty($bp->action_variables)) {
             unset($bp->canonical_stack['action']);
         }
     }
     // Group access control
     if (bp_is_groups_component() && !empty($this->current_group)) {
         if (!$this->current_group->user_has_access) {
             if ('hidden' == $this->current_group->status) {
                 // Hidden groups answer non-members with a 404. The current
                 // group is cleared first so no redirect to the default group
                 // tab takes place.
                 $this->current_group = 0;
                 $bp->is_single_item = false;
                 bp_do_404();
                 return;
             } elseif (!bp_is_current_action('home') && !bp_is_current_action('request-membership')) {
                 // Home and request-membership stay reachable; everything else
                 // is off-limits to this user.
                 if (is_user_logged_in()) {
                     // Logged-in users get a message and land on the group's home page
                     bp_core_no_access(array(
                         'message' => __('You do not have access to this group.', 'buddypress'),
                         'root' => bp_get_group_permalink($bp->groups->current_group),
                         'redirect' => false,
                     ));
                 } else {
                     // User does not have access, and does not get a message
                     bp_core_no_access();
                 }
                 // NOTE(review): execution continues past this point unless
                 // bp_core_no_access() ends the request - confirm.
             }
         }
         // Protect the admin tab from non-admins
         if (bp_is_current_action('admin') && !bp_is_item_admin()) {
             bp_core_no_access(array(
                 'message' => __('You are not an admin of this group.', 'buddypress'),
                 'root' => bp_get_group_permalink($bp->groups->current_group),
                 'redirect' => false,
             ));
         }
     }
     // Preconfigured group creation steps
     $this->group_creation_steps = apply_filters('groups_create_group_steps', array(
         'group-details' => array('name' => __('Details', 'buddypress'), 'position' => 0),
         'group-settings' => array('name' => __('Settings', 'buddypress'), 'position' => 10),
     ));
     // The avatar step exists only while avatar uploads are enabled
     if (0 === (int) bp_get_option('bp-disable-avatar-uploads')) {
         $this->group_creation_steps['group-avatar'] = array('name' => __('Avatar', 'buddypress'), 'position' => 20);
     }
     // The invites step needs the friends component
     if (bp_is_active('friends')) {
         $this->group_creation_steps['group-invites'] = array('name' => __('Invites', 'buddypress'), 'position' => 30);
     }
     // Groups statuses
     $this->valid_status = apply_filters('groups_valid_status', array('public', 'private', 'hidden'));
     // Auto join group when non group member performs group activity,
     // unless BP_DISABLE_AUTO_GROUP_JOIN is defined and truthy
     $this->auto_join = !(defined('BP_DISABLE_AUTO_GROUP_JOIN') && BP_DISABLE_AUTO_GROUP_JOIN);
 }
Beispiel #8
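/**
 * Add a subnav item to the BuddyPress navigation.
 *
 * The item is always stored in $bp->bp_options_nav. Its screen function is
 * only hooked when the item is the view currently being requested; the
 * decision whether the user may see it is delegated to
 * bp_core_maybe_hook_new_subnav_screen_function().
 *
 * @param array $args {
 *     Array describing the new subnav item.
 *     @type string $name Display name for the subnav item.
 *     @type string $slug Unique URL slug for the subnav item.
 *     @type string $parent_slug Slug of the top-level nav item under which the
 *           new subnav item should be added.
 *     @type string $parent_url URL of the parent nav item.
 *     @type bool|string $item_css_id Optional. 'id' attribute for the nav
 *           item. Default: the value of $slug.
 *     @type bool $user_has_access Optional. True if the logged-in user has
 *           access to the subnav item, otherwise false. Can be set dynamically
 *           when registering the subnav; eg, use bp_is_my_profile() to restrict
 *           access to profile owners only. Default: true.
 *     @type string $no_access_url Optional. Stored on the nav item as given;
 *           presumably where a user without access is sent - confirm against
 *           bp_core_maybe_hook_new_subnav_screen_function(). Default: ''.
 *     @type bool $site_admin_only Optional. Whether the nav item should be
 *           visible only to site admins (those with the 'bp_moderate' cap).
 *           Default: false.
 *     @type int $position Optional. Numerical index specifying where the item
 *           should appear in the subnav array. Default: 90.
 *     @type callable $screen_function The callback function that will run
 *           when the nav item is clicked.
 *     @type string $link Optional. The URL that the subnav item should point
 *           to. Defaults to a value generated from the $parent_url + $slug.
 *     @type bool $show_in_admin_bar Optional. Whether the nav item should be
 *           added into the group's "Edit" Admin Bar menu for group admins.
 *           Default: false.
 * }
 * @return bool|null Returns false on failure.
 */
function bp_core_new_subnav_item($args = '')
{
    $bp = buddypress();
    $r = wp_parse_args($args, array('name' => false, 'slug' => false, 'parent_slug' => false, 'parent_url' => false, 'item_css_id' => false, 'user_has_access' => true, 'no_access_url' => '', 'site_admin_only' => false, 'position' => 90, 'screen_function' => false, 'link' => '', 'show_in_admin_bar' => false));
    // Read the known arguments one by one rather than extract()-ing the array,
    // so an unexpected key supplied by the caller cannot become a local variable.
    $name = $r['name'];
    $slug = $r['slug'];
    $parent_slug = $r['parent_slug'];
    $parent_url = $r['parent_url'];
    $item_css_id = $r['item_css_id'];
    $user_has_access = $r['user_has_access'];
    $no_access_url = $r['no_access_url'];
    $site_admin_only = $r['site_admin_only'];
    $position = $r['position'];
    $screen_function = $r['screen_function'];
    $link = $r['link'];
    // If we don't have the required info we need, don't create this subnav item
    if (empty($name) || empty($slug) || empty($parent_slug) || empty($parent_url) || empty($screen_function)) {
        return false;
    }
    // Link was not forced, so create one
    if (empty($link)) {
        $link = trailingslashit($parent_url . $slug);
        // If this sub item is the default for its parent, skip the slug
        if (!empty($bp->bp_nav[$parent_slug]['default_subnav_slug']) && $slug == $bp->bp_nav[$parent_slug]['default_subnav_slug']) {
            $link = trailingslashit($parent_url);
        }
    }
    // If this is for site admins only and the user is not one, don't create the subnav item
    if (!empty($site_admin_only) && !bp_current_user_can('bp_moderate')) {
        return false;
    }
    if (empty($item_css_id)) {
        $item_css_id = $slug;
    }
    $subnav_item = array('name' => $name, 'link' => $link, 'slug' => $slug, 'css_id' => $item_css_id, 'position' => $position, 'user_has_access' => $user_has_access, 'no_access_url' => $no_access_url, 'screen_function' => &$screen_function, 'show_in_admin_bar' => (bool) $r['show_in_admin_bar']);
    $bp->bp_options_nav[$parent_slug][$slug] = $subnav_item;
    /**
     * The last step is to hook the screen function for the added subnav item. But this only
     * needs to be done if this subnav item is the current view, and the user has access to the
     * subnav item. We figure out whether we're currently viewing this subnav by checking the
     * following two conditions:
     *   (1) Either:
     *       (a) the parent slug matches the current_component, or
     *       (b) the parent slug matches the current_item
     *   (2) And either:
     *       (a) the current_action matches $slug, or
     *       (b) there is no current_action (ie, this is the default subnav for the parent nav)
     *       and this subnav item is the default for the parent item (which we check by
     *       comparing this subnav item's screen function with the screen function of the
     *       parent nav item in $bp->bp_nav). This condition only arises when viewing a
     *       user, since groups should always have an action set.
     */
    // If we *don't* meet condition (1), return
    if (!bp_is_current_component($parent_slug) && !bp_is_current_item($parent_slug)) {
        return;
    }
    // The parent nav item may not be registered; treat that as "no screen function"
    $parent_screen_function = isset($bp->bp_nav[$parent_slug]['screen_function']) ? $bp->bp_nav[$parent_slug]['screen_function'] : null;
    // If we *do* meet condition (2), then the added subnav item is currently being requested
    if ((bp_current_action() && bp_is_current_action($slug)) || (bp_is_user() && !bp_current_action() && $screen_function == $parent_screen_function)) {
        $hooked = bp_core_maybe_hook_new_subnav_screen_function($subnav_item);
        // If redirect args have been returned, perform the redirect now
        if (!empty($hooked['status']) && 'failure' === $hooked['status'] && isset($hooked['redirect_args'])) {
            bp_core_no_access($hooked['redirect_args']);
        }
    }
}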
 /**
  * Protects group docs from unauthorized access
  *
  * Maps the doc view being requested (read, create, edit, history) onto a
  * capability name and hands the request to bp_core_no_access() when
  * current_user_can() denies that capability. Requests that match none of
  * the four views are not checked here.
  *
  * @since 1.2
  */
 function protect_doc_access()
 {
     // What is the user trying to do? The first matching view wins.
     if (bp_docs_is_doc_read()) {
         $action = 'bp_docs_read';
     } elseif (bp_docs_is_doc_create()) {
         $action = 'bp_docs_create';
     } elseif (bp_docs_is_doc_edit()) {
         $action = 'bp_docs_edit';
     } elseif (bp_docs_is_doc_history()) {
         $action = 'bp_docs_view_history';
     } else {
         // Not one of the views this gate covers
         return;
     }
     if (current_user_can($action)) {
         return;
     }
     // Denied: pass the doc link along as the redirect target
     $redirect_to = bp_docs_get_doc_link();
     bp_core_no_access(array('mode' => 2, 'redirect' => $redirect_to));
 }
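/**
 * Add a subnav item to the BuddyPress navigation.
 *
 * The item is recorded in $bp->bp_options_nav unless a required argument is
 * missing or the site-admin check fails. The screen callback is hooked only
 * when this item is the one currently being requested and 'user_has_access'
 * is truthy; when it is falsy the request is handed to bp_core_no_access().
 *
 * Access notes:
 * - 'user_has_access' is whatever the caller computed at registration time.
 *   This function stores it and acts on it but never re-derives it, so a
 *   caller that omits it gets the default of true.
 * - 'name', 'link' and 'item_css_id' are stored as given; nothing in this
 *   function escapes them.
 *
 * @global BuddyPress $bp The one true BuddyPress instance.
 *
 * @param array $args {
 *     Array describing the new subnav item.
 *     @type string $name Display name for the subnav item.
 *     @type string $slug Unique URL slug for the subnav item.
 *     @type string $parent_slug Slug of the top-level nav item under which the
 *           new subnav item should be added.
 *     @type string $parent_url URL of the parent nav item.
 *     @type bool|string $item_css_id Optional. 'id' attribute for the nav
 *           item. Default: the value of $slug.
 *     @type bool $user_has_access Optional. True if the logged-in user has
 *           access to the subnav item, otherwise false. Can be set dynamically
 *           when registering the subnav; eg, use bp_is_my_profile() to restrict
 *           access to profile owners only. Default: true.
 *     @type bool $site_admin_only Optional. Whether the nav item should be
 *           visible only to site admins (those with the 'bp_moderate' cap).
 *           Default: false.
 *     @type int $position Optional. Numerical index specifying where the item
 *           should appear in the subnav array. Default: 90.
 *     @type callable $screen_function The callback function that will run
 *           when the nav item is clicked.
 *     @type string $link Optional. The URL that the subnav item should point
 *           to. Defaults to a value generated from the $parent_url + $slug.
 * }
 * @return bool|null False when a required argument is missing or the
 *         site-admin check fails; null otherwise.
 */
function bp_core_new_subnav_item($args = '')
{
    global $bp;
    $defaults = array('name' => false, 'slug' => false, 'parent_slug' => false, 'parent_url' => false, 'item_css_id' => false, 'user_has_access' => true, 'site_admin_only' => false, 'position' => 90, 'screen_function' => false, 'link' => '');
    $r = wp_parse_args($args, $defaults);
    // Read each setting explicitly instead of extract()-ing the merged array:
    // extract() would turn every extra key a caller passes into a local variable.
    $name = $r['name'];
    $slug = $r['slug'];
    $parent_slug = $r['parent_slug'];
    $parent_url = $r['parent_url'];
    $item_css_id = $r['item_css_id'];
    $user_has_access = $r['user_has_access'];
    $site_admin_only = $r['site_admin_only'];
    $position = $r['position'];
    $screen_function = $r['screen_function'];
    $link = $r['link'];
    // If we don't have the required info we need, don't create this subnav item
    if (empty($name) || empty($slug) || empty($parent_slug) || empty($parent_url) || empty($screen_function)) {
        return false;
    }
    // Link was not forced, so create one
    if (empty($link)) {
        $link = $parent_url . $slug;
        // If this sub item is the default for its parent, skip the slug
        if (!empty($bp->bp_nav[$parent_slug]['default_subnav_slug']) && $slug == $bp->bp_nav[$parent_slug]['default_subnav_slug']) {
            $link = $parent_url;
        }
    }
    // If this is for site admins only and the user is not one, don't create the subnav item
    if (!empty($site_admin_only) && !bp_current_user_can('bp_moderate')) {
        return false;
    }
    if (empty($item_css_id)) {
        $item_css_id = $slug;
    }
    $bp->bp_options_nav[$parent_slug][$slug] = array('name' => $name, 'link' => trailingslashit($link), 'slug' => $slug, 'css_id' => $item_css_id, 'position' => $position, 'user_has_access' => $user_has_access, 'screen_function' => &$screen_function);
    /**
     * The last step is to hook the screen function for the added subnav item. But this only
     * needs to be done if this subnav item is the current view, and the user has access to the
     * subnav item. We figure out whether we're currently viewing this subnav by checking the
     * following two conditions:
     *   (1) Either:
     *       (a) the parent slug matches the current_component, or
     *       (b) the parent slug matches the current_item
     *   (2) And either:
     *       (a) the current_action matches $slug, or
     *       (b) there is no current_action (ie, this is the default subnav for the parent nav)
     *       and this subnav item is the default for the parent item (which we check by
     *       comparing this subnav item's screen function with the screen function of the
     *       parent nav item in $bp->bp_nav). This condition only arises when viewing a
     *       user, since groups should always have an action set.
     */
    // If we *don't* meet condition (1), return
    if (!bp_is_current_component($parent_slug) && !bp_is_current_item($parent_slug)) {
        return;
    }
    // The parent nav item may not be registered; read its screen function
    // defensively. $screen_function is non-empty here, so it never equals null.
    $parent_screen_function = isset($bp->bp_nav[$parent_slug]['screen_function']) ? $bp->bp_nav[$parent_slug]['screen_function'] : null;
    // If we *do* meet condition (2), then the added subnav item is currently being requested
    if ((bp_current_action() && bp_is_current_action($slug)) || (bp_is_user() && !bp_current_action() && $screen_function == $parent_screen_function)) {
        // Before hooking the screen function, check user access
        if (!empty($user_has_access)) {
            // Add our screen hook if screen function is callable
            if (is_callable($screen_function)) {
                add_action('bp_screens', $screen_function, 3);
            }
        } else {
            // When the content is off-limits, we handle the situation
            // differently depending on whether the current user is logged in
            if (is_user_logged_in()) {
                if (!bp_is_my_profile() && empty($bp->bp_nav[$bp->default_component]['show_for_displayed_user'])) {
                    // This covers the edge case where the default component is
                    // a non-public tab, like 'messages'
                    if (bp_is_active('activity') && isset($bp->pages->activity)) {
                        $redirect_to = trailingslashit(bp_displayed_user_domain() . bp_get_activity_slug());
                    } else {
                        $redirect_to = trailingslashit(bp_displayed_user_domain() . ('xprofile' == $bp->profile->id ? 'profile' : $bp->profile->id));
                    }
                    $message = '';
                } else {
                    $message = __('You do not have access to this page.', 'buddypress');
                    $redirect_to = bp_displayed_user_domain();
                }
                // Off-limits to this user. Throw an error and redirect to the displayed user's domain
                bp_core_no_access(array('message' => $message, 'root' => $redirect_to, 'redirect' => false));
            } else {
                // Not logged in. Allow the user to log in, and attempt to redirect
                bp_core_no_access();
            }
        }
    }
}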
/**
 * Stop the request unless the logged-in user is the displayed user.
 *
 * On a mismatch the visitor is handed to bp_core_no_access() with a message
 * and the displayed user's domain as root, and the script then exits.
 *
 * NOTE(review): the two IDs are compared loosely, so two falsy IDs compare
 * as equal and pass the check. Confirm this only runs where a displayed
 * user is set.
 */
function bp_media_check_user()
{
    $viewer_id = bp_loggedin_user_id();
    $owner_id = bp_displayed_user_id();
    if ($viewer_id == $owner_id) {
        // Profile owner: nothing to block.
        return;
    }
    $denial = array(
        'message' => __('You do not have access to this page.', 'buddypress'),
        'root' => bp_displayed_user_domain(),
        'redirect' => false,
    );
    bp_core_no_access($denial);
    // Explicit exit so nothing after the denial runs.
    exit;
}
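/**
 * Generates an iCal file from a rendez-vous and sends it as a download.
 *
 * Runs only when the current action is 'schedule' and the first action
 * variable is 'ical'; the second action variable is the rendez-vous id.
 * The file is sent only to a logged-in user who is the organizer or one of
 * the attendees. Every other case ends in a redirect or the login screen.
 *
 * @package Rendez Vous
 * @subpackage Functions
 *
 * @since Rendez Vous (1.1.0)
 *
 * @return void Outputs the calendar file and exits when all checks pass.
 */
function rendez_vous_download_ical()
{
    $ical_page = array('is' => (bool) bp_is_current_action('schedule') && 'ical' == bp_action_variable(0), 'rdv' => (int) bp_action_variable(1));
    // The filtered value must be assigned back, otherwise callbacks have no effect.
    $ical_page = (array) apply_filters('rendez_vous_download_ical', (array) $ical_page);
    if (empty($ical_page['is'])) {
        return;
    }
    $redirect = wp_get_referer();
    $user_attend = trailingslashit(bp_loggedin_user_domain() . buddypress()->rendez_vous->slug . '/attend');
    // Each failed check returns after redirecting, so the checks below do not
    // depend on bp_core_redirect() ending the request.
    if (empty($ical_page['rdv'])) {
        bp_core_add_message(__('The rendez-vous was not found.', 'rendez-vous'), 'error');
        bp_core_redirect($redirect);
        return;
    }
    // Redirect the user to the login form before loading anything for them
    if (!is_user_logged_in()) {
        bp_core_no_access(array('redirect' => $_SERVER['REQUEST_URI']));
        return;
    }
    $rendez_vous = rendez_vous_get_item($ical_page['rdv']);
    // Redirect if no rendez vous found
    if (empty($rendez_vous->organizer) || empty($rendez_vous->attendees)) {
        bp_core_add_message(__('The rendez-vous was not found.', 'rendez-vous'), 'error');
        bp_core_redirect($user_attend);
        return;
    }
    // Redirect if not an attendee. IDs are normalised to integers so the
    // membership test can be strict instead of relying on loose comparison.
    $current_user_id = (int) bp_loggedin_user_id();
    $attendee_ids = array_map('intval', (array) $rendez_vous->attendees);
    if ((int) $rendez_vous->organizer !== $current_user_id && !in_array($current_user_id, $attendee_ids, true)) {
        bp_core_add_message(__('You are not attending this rendez-vous.', 'rendez-vous'), 'error');
        bp_core_redirect($user_attend);
        return;
    }
    // Redirect if def date is not set
    if (empty($rendez_vous->def_date)) {
        bp_core_add_message(__('the Rendez-vous is not set yet.', 'rendez-vous'), 'error');
        bp_core_redirect($redirect);
        return;
    }
    $hourminutes = explode(':', $rendez_vous->duration);
    // Redirect if can't use the duration. explode() always returns an array,
    // so the part count alone tells whether both hours and minutes exist.
    if (count($hourminutes) < 2) {
        bp_core_add_message(__('the duration is not set the right way.', 'rendez-vous'), 'error');
        bp_core_redirect($redirect);
        return;
    }
    $minutes = intval($hourminutes[1]) + intval($hourminutes[0]) * 60;
    $end_date = strtotime('+' . $minutes . ' minutes', $rendez_vous->def_date);
    // Dates are stored as UTC although values are local, we need to reconvert
    $date_start = date_i18n('Y-m-d H:i:s', $rendez_vous->def_date, true);
    $date_end = date_i18n('Y-m-d H:i:s', $end_date, true);
    $tz_string = get_option('timezone_string');
    if (!empty($tz_string)) {
        date_default_timezone_set($tz_string);
    }
    // Escape a stored value for an iCalendar TEXT property: backslash, comma
    // and semicolon get a backslash, and line breaks become the two
    // characters "\n" so the value cannot start a content line of its own.
    $ical_text = function ($value) {
        $value = str_replace(array("\r\n", "\r"), "\n", (string) $value);
        $value = preg_replace('/([\\\\,;])/', '\\\\$1', $value);
        return str_replace("\n", '\\n', $value);
    };
    status_header(200);
    header('Cache-Control: cache, must-revalidate');
    header('Pragma: public');
    header('Content-Description: File Transfer');
    // The id is cast to an integer so only digits reach the header value.
    header('Content-Disposition: attachment; filename=rendez_vous_' . (int) $rendez_vous->id . '.ics');
    header('Content-Type: text/calendar');
    // NOTE(review): esc_html() is HTML-context escaping and is kept to
    // preserve existing output; calendar clients will show entities literally.
    $lines = array(
        'BEGIN:VCALENDAR',
        'VERSION:2.0',
        'PRODID:-//hacksw/handcal//NONSGML v1.0//EN',
        'CALSCALE:GREGORIAN',
        'BEGIN:VEVENT',
        'DTEND:' . gmdate('Ymd\\THis\\Z', strtotime($date_end)),
        'UID:' . uniqid(),
        'DTSTAMP:' . gmdate('Ymd\\THis\\Z', time()),
        'LOCATION:' . esc_html($ical_text($rendez_vous->venue)),
        'DESCRIPTION:' . esc_html($ical_text($rendez_vous->description)),
        'URL;VALUE=URI:' . esc_url(rendez_vous_get_single_link($rendez_vous->id, $rendez_vous->organizer)),
        'SUMMARY:' . esc_html($ical_text($rendez_vous->title)),
        'DTSTART:' . gmdate('Ymd\\THis\\Z', strtotime($date_start)),
        'END:VEVENT',
        'END:VCALENDAR',
    );
    echo implode("\n", $lines) . "\n";
    exit;
}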
/**
 * Delete the media entry named by the second action variable, then redirect
 * to the displayed user's images tab with a status message in cookies.
 *
 * The only access check made here is that the logged-in user is the
 * displayed user.
 *
 * NOTE(review): no nonce is verified in this function, and the entry id from
 * the URL is not compared with the current user here. Confirm that the
 * caller, the BP_Media_Host_Wordpress constructor or delete_media() covers
 * request forgery and ownership.
 */
function bp_media_entry_delete()
{
    global $bp, $bp_media_current_entry;
    if (bp_loggedin_user_id() != bp_displayed_user_id()) {
        $denial = array(
            'message' => __('You do not have access to this page.', 'buddypress'),
            'root' => bp_displayed_user_domain(),
            'redirect' => false,
        );
        bp_core_no_access($denial);
        exit;
    }
    // Store a one-day status message in cookies, go to the images tab and stop.
    $finish = function ($text, $type) {
        $one_day = 60 * 60 * 24;
        @setcookie('bp-message', $text, time() + $one_day, COOKIEPATH);
        @setcookie('bp-message-type', $type, time() + $one_day, COOKIEPATH);
        wp_redirect(trailingslashit(bp_displayed_user_domain() . BP_MEDIA_IMAGES_SLUG));
        exit;
    };
    if (!isset($bp->action_variables[1])) {
        $finish('The requested url does not exist', 'error');
    }
    try {
        $bp_media_current_entry = new BP_Media_Host_Wordpress($bp->action_variables[1]);
    } catch (Exception $e) {
        // The exception text is relayed to the browser in a cookie as-is.
        $finish($e->getMessage(), 'error');
    }
    // Remove the activity item recorded for this media, then the media itself.
    $post_id = $bp_media_current_entry->get_id();
    $activity_id = get_post_meta($post_id, 'bp_media_child_activity', true);
    bp_activity_delete_by_activity_id($activity_id);
    $bp_media_current_entry->delete_media();
    $finish(__('Media deleted successfully', 'bp-media'), 'success');
}