/**
 * Render the capabilities settings screen.
 *
 * The screen only accepts its bare URL: if any action variables follow it,
 * the request is turned into a 404 and no template is loaded.
 *
 * NOTE(review): no capability check is visible in this function; presumably
 * access is restricted where the screen is registered - confirm.
 *
 * @since BuddyPress (1.6)
 *
 * @return void
 */
function bp_settings_screen_capabilities() {
    $has_extra_segments = (bool) bp_action_variables();

    if (!$has_extra_segments) {
        // The template path can be overridden through the filter.
        $template = apply_filters('bp_settings_screen_capabilities', 'members/single/settings/capabilities');
        bp_core_load_template($template);
        return;
    }

    bp_do_404();
}
/**
 * Gate access to single-group screens.
 *
 * Starts from the group's precomputed user_has_access flag, always opens the
 * "home" and "request-membership" tabs of non-hidden groups, closes the
 * "admin" tab for non-admins, then lets plugins adjust the decision through
 * the 'bp_group_user_has_access' filter. A denied request for a hidden group
 * becomes a 404; any other denied request goes to bp_core_no_access().
 *
 * @since BuddyPress (2.1.0)
 *
 * @return void
 */
function bp_groups_group_access_protection() {
    if (!bp_is_group()) {
        return;
    }

    $group     = groups_get_current_group();
    $may_view  = $group->user_has_access;
    $deny_args = array();

    if (!$may_view && 'hidden' !== $group->status) {
        // These two tabs stay reachable so visitors can see and join the group.
        $on_open_tab = bp_is_current_action('home') || bp_is_current_action('request-membership');

        if ($on_open_tab) {
            $may_view = true;
        } elseif (is_user_logged_in()) {
            // Logged-in users get a message on the group home instead of the
            // default handling, which the filter notes below describe as a
            // redirect to wp-login.php.
            $deny_args = array(
                'message'  => __('You do not have access to this group.', 'buddypress'),
                'root'     => bp_get_group_permalink($group) . 'home/',
                'redirect' => false,
            );
        }
    }

    // The admin tab is closed to non-admins regardless of the checks above.
    if (bp_is_current_action('admin') && !bp_is_item_admin()) {
        $may_view  = false;
        $deny_args = array(
            'message'  => __('You are not an admin of this group.', 'buddypress'),
            'root'     => bp_get_group_permalink($group),
            'redirect' => false,
        );
    }

    /**
     * Allow plugins to filter whether the current user has access to this group content.
     *
     * A callback that sets access to false may also want to change the
     * no-access arguments, to avoid problems such as logged-in users being
     * redirected to wp-login.php.
     *
     * @since BuddyPress (2.1.0)
     *
     * @param bool  $user_has_access True if the user has access to the content, otherwise false.
     * @param array $no_access_args  Arguments passed to bp_core_no_access() when access is denied.
     *                               Passed by reference, so the callback can modify it.
     */
    $may_view = apply_filters_ref_array('bp_group_user_has_access', array($may_view, &$deny_args));

    if ($may_view) {
        return;
    }

    if ('hidden' == $group->status) {
        // Hidden groups answer with a 404 so their existence is not revealed.
        // The current group is unset first so the visitor is not redirected
        // to the default group tab.
        buddypress()->groups->current_group = 0;
        buddypress()->is_single_item        = false;
        bp_do_404();
        return;
    }

    bp_core_no_access($deny_args);
}
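/**
 * Catch and route requests for single activity item permalinks.
 *
 * A request whose current action is 'p' followed by a numeric activity ID is
 * redirected to that activity's permalink under its author's profile or,
 * for group items without an author, under the group.
 *
 * NOTE(review): the lookup passes 'show_hidden' => true and no access check
 * is visible here; presumably the destination screen enforces visibility -
 * confirm.
 *
 * @since 1.2.0
 *
 * @return bool|void False when the request is not a permalink request or the
 *                   activity does not exist; otherwise the request is redirected.
 */
function bp_activity_action_permalink_router() {
    // Not viewing activity.
    if (!bp_is_activity_component() || !bp_is_current_action('p')) {
        return false;
    }

    // The first action variable must be a numeric activity ID.
    $activity_id = bp_action_variable(0);
    if (!$activity_id || !is_numeric($activity_id)) {
        return false;
    }

    $found = bp_activity_get_specific(array('activity_ids' => $activity_id, 'show_hidden' => true));

    // 404 if the activity does not exist; false matches the documented return.
    if (empty($found['activities'][0])) {
        bp_do_404();
        return false;
    }
    $activity = $found['activities'][0];

    // Do not redirect by default.
    $redirect = false;

    if (!empty($activity->user_id)) {
        // Anything with an author lives under that member's activity stream.
        $redirect = bp_core_get_user_domain($activity->user_id, $activity->user_nicename, $activity->user_login)
            . bp_get_activity_slug() . '/' . $activity->id . '/';
    } elseif (bp_is_active('groups') && $activity->component == buddypress()->groups->id) {
        // Author-less group items live under the group's activity stream.
        $group = groups_get_group(array('group_id' => $activity->item_id));
        if ($group) {
            $redirect = bp_get_group_permalink($group) . bp_get_activity_slug() . '/' . $activity->id . '/';
        }
    }

    // Re-append the original query string, but only onto a real target:
    // add_query_arg() falls back to the current request URI when the URL
    // argument is false, which would make the request redirect to itself.
    if ($redirect && !empty($_SERVER['QUERY_STRING'])) {
        $query_frags = array();
        wp_parse_str($_SERVER['QUERY_STRING'], $query_frags);
        // Request-supplied values are URL-encoded before being put back.
        $redirect = add_query_arg(urlencode_deep($query_frags), $redirect);
    }

    /**
     * Filter the intended redirect url before the redirect occurs for the single activity item.
     *
     * @since 1.2.2
     *
     * @param array $value Array with url to redirect to and activity related to the redirect.
     */
    $redirect = apply_filters_ref_array('bp_activity_permalink_redirect_url', array($redirect, &$activity));

    if (!$redirect) {
        bp_core_redirect(bp_get_root_domain());
        // bp_core_redirect() is expected to end the request; returning keeps
        // the empty URL from being used if it does not.
        return false;
    }

    // Redirect to the actual activity permalink page.
    bp_core_redirect($redirect);
}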
/**
 * Filter callback that maps a hierarchical group URL onto the current action.
 *
 * When the current action names a group that has children, the following
 * action variables that resolve to nested subgroups are folded into the
 * action ("parent/child/...") and removed from $bp->action_variables.
 *
 * @param string $current_action Current action as parsed by BuddyPress.
 *
 * @return string|null The (possibly extended) current action. Nothing is
 *                     returned on the 404 path.
 */
function group_hierarchy_override_current_action($current_action) {
    global $bp;

    do_action('bp_group_hierarchy_route_requests');

    // The callback unhooks itself so the routing runs only once per request.
    remove_action('bp_current_action', 'group_hierarchy_override_current_action');

    // Dashboard pages are skipped unless the request URI is found inside the
    // admin-ajax URL.
    // NOTE(review): strpos() is used for its truthiness, so a match at offset 0
    // counts as "not found", and $_SERVER['REQUEST_URI'] is used unmodified
    // (a query string would prevent the match) - confirm this is intended.
    $on_dashboard = is_admin() && !strpos(admin_url('admin-ajax.php'), $_SERVER['REQUEST_URI']);
    if ($on_dashboard || !bp_is_groups_component()) {
        return $current_action;
    }

    $groups_slug    = bp_get_groups_root_slug();
    $on_member_page = !empty($bp->displayed_user->id);

    bp_group_hierarchy_debug('Routing request');
    bp_group_hierarchy_debug('Current component: ' . $bp->current_component);
    bp_group_hierarchy_debug('Current action: ' . $current_action);
    bp_group_hierarchy_debug('Groups slug: ' . $groups_slug);
    bp_group_hierarchy_debug('Are we on a user profile page?: ' . ($on_member_page ? 'Y' : 'N'));

    if ($current_action == '') {
        return $current_action;
    }

    // Reserved group action names are never treated as group slugs.
    $reserved_names = apply_filters('groups_forbidden_names', array('my-groups', 'create', 'invites', 'send-invites', 'forum', 'delete', 'add', 'admin', 'request-membership', 'members', 'settings', 'avatar', $groups_slug, ''));

    if ($on_member_page || in_array($current_action, $reserved_names)) {
        bp_group_hierarchy_debug('Not rewriting current action.');
        return $current_action;
    }

    $action_vars = $bp->action_variables;
    $group       = new BP_Groups_Hierarchy($current_action);

    $no_current_item = !isset($bp->current_item) || !$bp->current_item;
    if (!$group->id && $no_current_item) {
        $current_action = '';
        bp_group_hierarchy_debug('Group not found - returning 404.');
        bp_do_404();
        // NOTE(review): as a filter callback this hands null back to the
        // filter chain rather than a string - confirm callers tolerate it.
        return;
    }

    if ($group->has_children()) {
        $parent_id = $group->id;

        foreach ($bp->action_variables as $candidate_slug) {
            $subgroup_id = BP_Groups_Hierarchy::check_slug($candidate_slug, $parent_id);

            // The first segment that is not a subgroup ends the walk.
            if (!$subgroup_id) {
                break;
            }

            // Move the matched segment from the action variables into the action.
            $current_action .= '/' . array_shift($action_vars);
            $parent_id = $subgroup_id;
        }
    }

    bp_group_hierarchy_debug('Action changed to: ' . $current_action);

    $bp->action_variables = $action_vars;
    $bp->current_action   = $current_action;

    return $current_action;
}
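/**
 * Handles the saving of xprofile field visibilities.
 *
 * Runs only for a POST of the profile settings form, verifies the
 * 'bp_xprofile_settings' nonce, then stores one visibility level per posted
 * field ID for the displayed user and redirects back to the settings screen.
 *
 * Field IDs and visibility values come straight from the request, so IDs are
 * reduced to positive integers and non-string visibility values are skipped.
 *
 * NOTE(review): no capability check is visible here; presumably
 * bp_is_user_settings_profile() / the settings nav only admit the profile
 * owner or an administrator - confirm. Validation of the level against the
 * allowed visibility levels is likewise presumed to happen inside
 * xprofile_set_field_visibility_level(), which is not shown.
 *
 * @since BuddyPress (1.9)
 *
 * @return void
 */
function bp_xprofile_action_settings() {
    // Bail if not a POST action.
    if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) {
        return;
    }

    // Bail if no submit action.
    if (!isset($_POST['xprofile-settings-submit'])) {
        return;
    }

    // Bail if not in settings.
    if (!bp_is_user_settings_profile()) {
        return;
    }

    // 404 if there are any additional action variables attached.
    if (bp_action_variables()) {
        bp_do_404();
        return;
    }

    // Nonce check (CSRF protection for the state change below).
    check_admin_referer('bp_xprofile_settings');

    do_action('bp_xprofile_settings_before_save');

    /** Save ******************************************************************/

    // Only save if there are field IDs being posted.
    if (!empty($_POST['field_ids'])) {
        // Normalise the posted list to unique non-negative integers; this also
        // copes with the parameter arriving as an array instead of a string.
        $posted_field_ids = wp_parse_id_list($_POST['field_ids']);

        // Backward compatibility: a bug in BP 2.0 caused only a single group's
        // field IDs to be submitted. Pick up IDs that only appear in the
        // 'field_<id>_visibility' keys of the request.
        foreach (array_keys($_POST) as $posted_key) {
            if (preg_match('/^field_([0-9]+)_visibility$/', (string) $posted_key, $matches)) {
                $posted_field_ids[] = absint($matches[1]);
            }
        }

        // Drop duplicates and the 0 that malformed input collapses to.
        $posted_field_ids = array_filter(array_unique($posted_field_ids));

        // Save the visibility settings.
        foreach ($posted_field_ids as $field_id) {
            $visibility_key   = 'field_' . $field_id . '_visibility';
            $visibility_level = 'public';

            if (!empty($_POST[$visibility_key])) {
                // An array-valued parameter is not a level; leave the stored
                // setting untouched rather than resetting it.
                if (!is_string($_POST[$visibility_key])) {
                    continue;
                }
                $visibility_level = $_POST[$visibility_key];
            }

            xprofile_set_field_visibility_level($field_id, bp_displayed_user_id(), $visibility_level);
        }
    }

    /** Other *****************************************************************/

    do_action('bp_xprofile_settings_after_save');

    // Redirect back to the displayed user's profile settings screen.
    bp_core_redirect(bp_displayed_user_domain() . bp_get_settings_slug() . '/profile');
}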
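/**
 * Catch and route requests for single activity item permalinks.
 *
 * A request whose current action is 'p' followed by a numeric activity ID is
 * redirected to that activity's permalink under its author's profile or,
 * for group items without an author, under the group.
 *
 * NOTE(review): the lookup passes 'show_hidden' => true and no access check
 * is visible here; presumably the destination screen enforces visibility -
 * confirm.
 *
 * @since BuddyPress (1.2)
 *
 * @global object $bp BuddyPress global settings
 *
 * @return bool|void False when the request is not a permalink request or the
 *                   activity does not exist; otherwise the request is redirected.
 */
function bp_activity_action_permalink_router() {
    global $bp;

    // Not viewing activity
    if (!bp_is_activity_component() || !bp_is_current_action('p')) {
        return false;
    }

    // The first action variable must be a numeric activity ID
    $activity_id = bp_action_variable(0);
    if (!$activity_id || !is_numeric($activity_id)) {
        return false;
    }

    $found = bp_activity_get_specific(array('activity_ids' => $activity_id, 'show_hidden' => true));

    // 404 if the activity does not exist; false matches the documented return
    if (empty($found['activities'][0])) {
        bp_do_404();
        return false;
    }
    $activity = $found['activities'][0];

    // Do not redirect by default
    $redirect = false;

    if (!empty($activity->user_id)) {
        // Anything with an author lives under that member's activity stream.
        // The author check also covers non-group items, so a user URL is
        // never built from an empty user ID.
        $redirect = bp_core_get_user_domain($activity->user_id, $activity->user_nicename, $activity->user_login)
            . bp_get_activity_slug() . '/' . $activity->id . '/';
    } elseif (bp_is_active('groups') && $activity->component == $bp->groups->id) {
        // Author-less group items live under the group's activity stream
        $group = groups_get_group(array('group_id' => $activity->item_id));
        if ($group) {
            $redirect = bp_get_group_permalink($group) . bp_get_activity_slug() . '/' . $activity->id . '/';
        }
    }

    // Re-append the original query string, but only onto a real target:
    // add_query_arg() falls back to the current request URI when the URL
    // argument is false, which would make the request redirect to itself.
    if ($redirect && !empty($_SERVER['QUERY_STRING'])) {
        $query_frags = array();
        wp_parse_str($_SERVER['QUERY_STRING'], $query_frags);
        // Request-supplied values are URL-encoded before being put back
        $redirect = add_query_arg(urlencode_deep($query_frags), $redirect);
    }

    // Allow redirect to be filtered
    $redirect = apply_filters_ref_array('bp_activity_permalink_redirect_url', array($redirect, &$activity));

    if (!$redirect) {
        bp_core_redirect(bp_get_root_domain());
        // bp_core_redirect() is expected to end the request; returning keeps
        // the empty URL from being used if it does not.
        return false;
    }

    // Redirect to the actual activity permalink page
    bp_core_redirect($redirect);
}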
/**
 * Show the capabilities settings template.
 *
 * Extra action variables after the screen slug are not part of a valid URL,
 * so such requests are answered with a 404 instead of the template.
 *
 * NOTE(review): no capability check is visible in this function; presumably
 * access is restricted where the screen is registered - confirm.
 *
 * @since BuddyPress (1.6.0)
 *
 * @return void
 */
function bp_settings_screen_capabilities() {
    $extra_segments = bp_action_variables();

    if ($extra_segments) {
        bp_do_404();
    } else {
        /**
         * Filters the template file path to use for the capabilities settings screen.
         *
         * @since BuddyPress (1.6.0)
         *
         * @param string $value Directory path to look in for the template file.
         */
        $template = apply_filters('bp_settings_screen_capabilities', 'members/single/settings/capabilities');

        bp_core_load_template($template);
    }
}
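/**
 * Sets up and displays the screen output for the sub nav item "portfolio/add".
 *
 * On a form submission the nonce is verified, the three text fields are
 * required, the URL must start with an ftp/http/https scheme, the description
 * is truncated to BP_PORTFOLIO_DESC_MAX_SIZE bytes and the project is handed
 * to bp_portfolio_save_item(). Every rejection path returns explicitly so a
 * rejected submission can never fall through to the save.
 *
 * NOTE(review): title, description and the uploaded screenshot are passed on
 * as received; sanitisation and upload validation are presumed to happen in
 * bp_portfolio_save_item(), which is not shown - confirm. The stored URL
 * should still be escaped for its output context wherever it is rendered.
 *
 * @return void
 */
function bp_portfolio_screen_add() {
    global $bp;

    if (bp_action_variables()) {
        bp_do_404();
        return;
    }

    messages_remove_callback_values();

    if (isset($_POST['add'])) {
        // CSRF check. A missing nonce field is treated like an invalid one.
        if (!isset($_POST['_wpnonce']) || !wp_verify_nonce($_POST['_wpnonce'], 'project_form_nonce')) {
            bp_core_add_message(__('There was an error recording the project, please try again', 'bp-portfolio'), 'error');
            bp_core_load_template(apply_filters('bp_portfolio_template_personal', BP_PORTFOLIO_TEMPLATE . '/personal'));
            // Do not rely on the template loader ending the request.
            return;
        }

        // All three fields must be present and must be plain strings
        // (a parameter sent as an array is rejected here too).
        $fields_ok = !empty($_POST['title-input']) && is_string($_POST['title-input'])
            && !empty($_POST['url-input']) && is_string($_POST['url-input'])
            && !empty($_POST['description']) && is_string($_POST['description']);

        if (!$fields_ok) {
            bp_core_add_message(__('All fields are required', 'bp-portfolio'), 'error');
        } else {
            $url = trim($_POST['url-input']);

            // The pattern is anchored at the start so the value itself must
            // begin with an allowed scheme; unanchored, any string that merely
            // contained such a URL somewhere would have been accepted.
            if (!preg_match('/^(ftp|http|https):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/', $url)) {
                bp_core_add_message(__('Url must be a valid URL.', 'bp-portfolio'), 'error');
                bp_core_load_template(apply_filters('bp_portfolio_template_add', BP_PORTFOLIO_TEMPLATE . '/add'));
                return;
            }

            // Check description size (byte-wise truncation, as before).
            if (strlen($_POST['description']) > BP_PORTFOLIO_DESC_MAX_SIZE) {
                $_POST['description'] = substr($_POST['description'], 0, BP_PORTFOLIO_DESC_MAX_SIZE);
            }

            // The author is always the logged-in user, never a posted value.
            $posts = array(
                'author_id'   => bp_loggedin_user_id(),
                'title'       => $_POST['title-input'],
                'description' => $_POST['description'],
                'url'         => $url,
            );

            // Attach the screenshot only when the upload completed without error.
            if (isset($_FILES['screenshot-input']) and $_FILES['screenshot-input']['error'] == 0) {
                $posts['screenshot'] = $_FILES['screenshot-input'];
            }

            if ($item = bp_portfolio_save_item($posts)) {
                bp_core_add_message(__('Project has been saved', 'bp-portfolio'));
                bp_core_redirect(bp_core_get_user_domain(bp_loggedin_user_id()) . bp_get_portfolio_slug());
            } else {
                bp_core_add_message(__('There was an error recording the project, please try again', 'bp-portfolio'), 'error');
            }
        }
    }

    do_action('bp_portfolio_add_screen');

    // Displaying Content
    bp_core_load_template(apply_filters('bp_portfolio_template_add', BP_PORTFOLIO_TEMPLATE . '/add'));
}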
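/**
 * Handles the saving of xprofile field visibilities.
 *
 * Runs only for a POST of the profile settings form, verifies the
 * 'bp_xprofile_settings' nonce, then stores one visibility level per posted
 * field ID for the displayed user and redirects back to the settings screen.
 *
 * Field IDs and visibility values come straight from the request, so IDs are
 * reduced to positive integers and non-string visibility values are skipped.
 *
 * NOTE(review): no capability check is visible here; presumably
 * bp_is_user_settings_profile() / the settings nav only admit the profile
 * owner or an administrator - confirm. Validation of the level against the
 * allowed visibility levels is likewise presumed to happen inside
 * xprofile_set_field_visibility_level(), which is not shown.
 *
 * @since BuddyPress (1.9)
 *
 * @return void
 */
function bp_xprofile_action_settings() {
    // Bail if not a POST action.
    if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) {
        return;
    }

    // Bail if no submit action.
    if (!isset($_POST['xprofile-settings-submit'])) {
        return;
    }

    // Bail if not in settings.
    if (!bp_is_user_settings_profile()) {
        return;
    }

    // 404 if there are any additional action variables attached.
    if (bp_action_variables()) {
        bp_do_404();
        return;
    }

    // Nonce check (CSRF protection for the state change below).
    check_admin_referer('bp_xprofile_settings');

    do_action('bp_xprofile_settings_before_save');

    /** Save ******************************************************************/

    // Only save if there are field IDs being posted.
    if (!empty($_POST['field_ids'])) {
        // Normalise the posted list to unique positive integers; this also
        // copes with the parameter arriving as an array instead of a string.
        $posted_field_ids = array_filter(wp_parse_id_list($_POST['field_ids']));

        // Save the visibility settings.
        foreach ($posted_field_ids as $field_id) {
            $visibility_key   = 'field_' . $field_id . '_visibility';
            $visibility_level = 'public';

            if (!empty($_POST[$visibility_key])) {
                // An array-valued parameter is not a level; leave the stored
                // setting untouched rather than resetting it.
                if (!is_string($_POST[$visibility_key])) {
                    continue;
                }
                $visibility_level = $_POST[$visibility_key];
            }

            xprofile_set_field_visibility_level($field_id, bp_displayed_user_id(), $visibility_level);
        }
    }

    /** Other *****************************************************************/

    do_action('bp_xprofile_settings_after_save');

    // Redirect back to the displayed user's profile settings screen.
    bp_core_redirect(bp_displayed_user_domain() . bp_get_settings_slug() . '/profile');
}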
/**
 * Perform actions about rendez-vous (insert/edit/delete/save prefs) inside a group.
 *
 * On a group rendez-vous page the generic action handler runs first. When a
 * single rendez-vous is then displayed, it is detached from the group if the
 * group no longer has rendez-vous activated or if its organizer is no longer
 * a group member, and the visitor is redirected to the organizer's copy with
 * an error notice. Outside rendez-vous pages, a request for this extension's
 * slug on a group item is answered with a 404.
 *
 * NOTE(review): the detach step deletes post meta while handling a page view;
 * it is triggered by the group/organizer state rather than by request data,
 * but no nonce or capability check is visible on this path - confirm that is
 * intended.
 *
 * @package Rendez Vous
 * @subpackage Groups
 *
 * @since Rendez Vous (1.1.0)
 *
 * @return void
 */
public function group_handle_screens() {
    if (!$this->is_rendez_vous()) {
        // Not one of our pages: a group URL using our slug is invalid.
        if (bp_is_current_component('groups') && bp_is_current_action($this->slug) && bp_current_item()) {
            bp_do_404();
        }
        return;
    }

    $rendez_vous = rendez_vous();

    $this->screen                  = rendez_vous_handle_actions();
    $rendez_vous->screens->screen  = $this->screen;

    $group_id = bp_get_current_group_id();

    /**
     * Should we remove the rendez-vous from the group ?
     *
     * This is already handled in Rendez_Vous_Group->group_rendez_vous_link(),
     * but an invited user can follow a group rendez-vous link from an email.
     * @see rendez_vous_published_notification()
     *
     * Notifications being active is not checked, because the same can happen
     * through an activity link when the activity has not been deleted yet.
     */
    $viewing_single = 'single' == $this->screen && !empty($rendez_vous->item->id);
    if (!$viewing_single) {
        return;
    }

    $message = false;
    $action  = false;

    if (!self::group_get_option($group_id, '_rendez_vous_group_activate', false)) {
        // The group doesn't support rendez-vous anymore.
        $message = __('The Group, the rendez-vous was attached to, does not support rendez-vous anymore', 'rendez-vous');
        $action  = 'rendez_vous_groups_component_deactivated';
    } elseif (!groups_is_user_member($rendez_vous->item->organizer, $group_id)) {
        // The organizer was removed or left the group.
        $message = sprintf(__('%s is not a member of the group, the rendez-vous was attached to, anymore. As a result, the rendez-vous was removed from the group.', 'rendez-vous'), bp_core_get_user_displayname($rendez_vous->item->organizer));
        $action  = 'rendez_vous_groups_member_removed';
    }

    // Bail if everything is ok.
    if (empty($message)) {
        return;
    }

    // Detach the rendez-vous from the group.
    delete_post_meta($rendez_vous->item->id, '_rendez_vous_group_id');

    $redirect = rendez_vous_get_single_link($rendez_vous->item->id, $rendez_vous->item->organizer);

    bp_core_add_message($message, 'error');

    // Let listeners deal with the related group activities.
    do_action($action, $rendez_vous->item->id, $rendez_vous->item);

    // Redirect to the organizer's rendez-vous page.
    bp_core_redirect($redirect);
}
/**
 * Turn requests that resolved to no object into a 404.
 *
 * Skipped when the no_status_set flag is set on the BuddyPress instance,
 * which signals that a redirect to an accessible page is already under way.
 *
 * @since 1.5.0
 *
 * @return false|void False when the check is skipped.
 */
function bp_core_catch_no_access() {
    global $wp_query;

    $bp = buddypress();

    // Coming from bp_core_redirect(): the target is accessible, nothing to do.
    if (!empty($bp->no_status_set)) {
        return false;
    }

    $nothing_queried = !isset($wp_query->queried_object);

    if ($nothing_queried && !bp_is_blog_page()) {
        bp_do_404();
    }
}
/**
 * Turn requests that resolved to no object into a 404.
 *
 * Skipped when $bp_no_status_set is truthy, which signals that a redirect to
 * an accessible page is already under way.
 *
 * @package BuddyPress Core
 * @since 1.5
 *
 * @return false|void False when the check is skipped.
 */
function bp_core_catch_no_access() {
    global $bp, $bp_no_status_set, $nxt_query;

    // Set by bp_core_redirect(): the target is accessible, nothing to do.
    if ($bp_no_status_set) {
        return false;
    }

    $nothing_queried = !isset($nxt_query->queried_object);

    if ($nothing_queried && !bp_is_blog_page()) {
        bp_do_404();
    }
}
/**
 * Show the xprofile settings template.
 *
 * The screen is only valid at its bare URL and while the xprofile component
 * is active; otherwise the request is answered with a 404.
 *
 * @since BuddyPress (2.0.0)
 *
 * @return void
 */
function bp_xprofile_screen_settings() {
    $screen_available = !bp_action_variables() && bp_is_active('xprofile');

    if (!$screen_available) {
        bp_do_404();
        return;
    }

    /**
     * Filters the template to load for the XProfile settings screen.
     *
     * @since BuddyPress (2.0.0)
     *
     * @param string $template Path to the XProfile settings template to load.
     */
    $template = apply_filters('bp_settings_screen_xprofile', '/members/single/settings/profile');

    bp_core_load_template($template);
}
/**
 * Set up component global data.
 *
 * Registers the component's slugs and tables with the parent class, then,
 * when a single group is being viewed, loads that group and computes the
 * current user's relationship to it (item admin/mod, membership, visibility,
 * access). Finally sets the forbidden names, creation steps, valid statuses
 * and the auto-join flag. A groups URL that names neither an existing group
 * nor a forbidden name is turned into a 404.
 *
 * The BP_GROUPS_SLUG constant is deprecated, and only used here for
 * backwards compatibility.
 *
 * @since 1.5.0
 *
 * @see BP_Component::setup_globals() for a description of arguments.
 *
 * @param array $args See BP_Component::setup_globals() for a description.
 *                    The incoming value is replaced by the component's own settings.
 */
public function setup_globals($args = array()) {
    $bp = buddypress();

    // Define a slug, if necessary.
    if (!defined('BP_GROUPS_SLUG')) {
        define('BP_GROUPS_SLUG', $this->id);
    }

    $prefix = $bp->table_prefix;

    // Global tables for groups component.
    $global_tables = array(
        'table_name'           => $prefix . 'bp_groups',
        'table_name_members'   => $prefix . 'bp_groups_members',
        'table_name_groupmeta' => $prefix . 'bp_groups_groupmeta',
    );

    // Metadata tables for groups component.
    $meta_tables = array(
        'group' => $prefix . 'bp_groups_groupmeta',
    );

    // All globals for groups component, including the table lists above.
    $args = array(
        'slug'                  => BP_GROUPS_SLUG,
        'root_slug'             => isset($bp->pages->groups->slug) ? $bp->pages->groups->slug : BP_GROUPS_SLUG,
        'has_directory'         => true,
        'directory_title'       => _x('Groups', 'component directory title', 'buddypress'),
        'notification_callback' => 'groups_format_notifications',
        'search_string'         => _x('Search Groups...', 'Component directory search', 'buddypress'),
        'global_tables'         => $global_tables,
        'meta_tables'           => $meta_tables,
    );

    parent::setup_globals($args);

    /* Single Group Globals **********************************************/

    // Are we viewing a single group?
    if (bp_is_groups_component() && ($group_id = BP_Groups_Group::group_exists(bp_current_action()))) {
        $bp->is_single_item = true;

        /**
         * Filters the current PHP Class being used.
         *
         * @since 1.5.0
         *
         * @param string $value Name of the class being used.
         */
        $group_class = apply_filters('bp_groups_current_group_class', 'BP_Groups_Group');

        if ($group_class != 'BP_Groups_Group') {
            // The class name comes from the filter above, i.e. from code
            // running on the site, not from the request.
            /**
             * Filters the current group object being instantiated from previous filter.
             *
             * @since 1.5.0
             *
             * @param object $value Newly instantiated object for the group.
             */
            $this->current_group = apply_filters('bp_groups_current_group_object', new $group_class($group_id));
        } else {
            $this->current_group = groups_get_group(array('group_id' => $group_id, 'populate_extras' => true));
        }

        // In a single group the group slug occupies the action position, so
        // everything is shifted by one: the slug becomes the current item and
        // the first action variable becomes the current action.
        $bp->current_item   = bp_current_action();
        $bp->current_action = bp_action_variable(0);
        array_shift($bp->action_variables);

        // Using "item" not "group" for generic support in other components.
        // Site moderators are item admins of every group.
        if (bp_current_user_can('bp_moderate')) {
            bp_update_is_item_admin(true, 'groups');
        } else {
            bp_update_is_item_admin(groups_is_user_admin(bp_loggedin_user_id(), $this->current_group->id), 'groups');
        }

        // If the user is not an admin, check if they are a moderator.
        if (!bp_is_item_admin()) {
            bp_update_is_item_mod(groups_is_user_mod(bp_loggedin_user_id(), $this->current_group->id), 'groups');
        }

        // Is the logged in user a member of the group?
        $this->current_group->is_user_member = (is_user_logged_in() && groups_is_user_member(bp_loggedin_user_id(), $this->current_group->id));

        // Should this group be visible to the logged in user?
        $this->current_group->is_visible = ('public' == $this->current_group->status || $this->current_group->is_user_member);

        // Public groups are open to everyone; private and hidden groups only
        // to logged-in members and to site moderators.
        $has_access = true;
        if ('private' == $this->current_group->status || 'hidden' == $this->current_group->status) {
            $has_access = (($this->current_group->is_user_member && is_user_logged_in()) || bp_current_user_can('bp_moderate'));
        }
        $this->current_group->user_has_access = $has_access;

        // Check once if the current group has a custom front template.
        $this->current_group->front_template = bp_groups_get_front_template($this->current_group);
    } else {
        // Set current_group to 0 to prevent debug errors.
        $this->current_group = 0;
    }

    /**
     * Filters the list of illegal groups names/slugs.
     *
     * @since 1.0.0
     *
     * @param array $value Array of illegal group names/slugs.
     */
    $this->forbidden_names = apply_filters('groups_forbidden_names', array('my-groups', 'create', 'invites', 'send-invites', 'forum', 'delete', 'add', 'admin', 'request-membership', 'members', 'settings', 'avatar', $this->slug, $this->root_slug));

    // If the user was attempting to access a group, but no group by that name was found, 404.
    $unknown_group_requested = bp_is_groups_component()
        && empty($this->current_group)
        && bp_current_action()
        && !in_array(bp_current_action(), $this->forbidden_names);

    if ($unknown_group_requested) {
        bp_do_404();
        return;
    }

    /**
     * Filters the preconfigured groups creation steps.
     *
     * @since 1.1.0
     *
     * @param array $value Array of preconfigured group creation steps.
     */
    $this->group_creation_steps = apply_filters('groups_create_group_steps', array(
        'group-details'  => array('name' => _x('Details', 'Group screen nav', 'buddypress'), 'position' => 0),
        'group-settings' => array('name' => _x('Settings', 'Group screen nav', 'buddypress'), 'position' => 10),
    ));

    // If avatar uploads are not disabled, add avatar option.
    $disabled_avatar_uploads = (int) bp_disable_group_avatar_uploads();
    if (!$disabled_avatar_uploads && $bp->avatar->show_avatars) {
        $this->group_creation_steps['group-avatar'] = array('name' => _x('Photo', 'Group screen nav', 'buddypress'), 'position' => 20);
    }

    if (bp_group_use_cover_image_header()) {
        $this->group_creation_steps['group-cover-image'] = array('name' => _x('Cover Image', 'Group screen nav', 'buddypress'), 'position' => 25);
    }

    // If friends component is active, add invitations.
    if (bp_is_active('friends')) {
        $this->group_creation_steps['group-invites'] = array('name' => _x('Invites', 'Group screen nav', 'buddypress'), 'position' => 30);
    }

    /**
     * Filters the list of valid groups statuses.
     *
     * @since 1.1.0
     *
     * @param array $value Array of valid group statuses.
     */
    $this->valid_status = apply_filters('groups_valid_status', array('public', 'private', 'hidden'));

    // Auto join group when non group member performs group activity,
    // unless BP_DISABLE_AUTO_GROUP_JOIN is defined and truthy.
    $this->auto_join = !(defined('BP_DISABLE_AUTO_GROUP_JOIN') && BP_DISABLE_AUTO_GROUP_JOIN);
}
/**
 * Load the plugins template for this settings screen.
 *
 * Requests carrying extra action variables are answered with a 404.
 *
 * NOTE(review): the template path is run through the
 * 'bp_settings_screen_delete_account' filter although nothing else here
 * refers to account deletion - confirm the hook name is intended.
 *
 * @return void
 */
function settings_ui() {
    $extra_segments = bp_action_variables();

    if ($extra_segments) {
        bp_do_404();
    } else {
        $template = apply_filters('bp_settings_screen_delete_account', 'members/single/plugins');
        bp_core_load_template($template);
    }
}
/**
 * Catches invalid access to BuddyPress pages and answers with a 404.
 *
 * Two cases are handled: the profile of a member marked as a spammer, which
 * only super admins may view (they get a notice instead of a 404), and any
 * request that resolved to no queried object and is not a blog page.
 * Skipped entirely when $bp_no_status_set is truthy.
 *
 * @package BuddyPress Core
 * @since 1.5
 *
 * @return false|void False when the check is skipped.
 */
function bp_core_catch_no_access() {
    global $bp, $bp_no_status_set, $wp_query;

    // Set by bp_core_redirect(): the target is accessible, nothing to do.
    if ($bp_no_status_set) {
        return false;
    }

    $viewing_spammer = isset($bp->displayed_user->id) && bp_core_is_user_spammer($bp->displayed_user->id);

    if ($viewing_spammer) {
        if ($bp->loggedin_user->is_super_admin) {
            // Super admins may still look, with a notice explaining why.
            bp_core_add_message(__('This user has been marked as a spammer. Only site admins can view this profile.', 'buddypress'), 'error');
        } else {
            // Everyone else sees the profile as missing.
            bp_do_404();
            return;
        }
    }

    $nothing_queried = !isset($wp_query->queried_object);

    if ($nothing_queried && !bp_is_blog_page()) {
        bp_do_404();
    }
}
/**
 * Show the xprofile settings template.
 *
 * A 404 is returned when extra action variables are present or when the
 * xprofile component is not active.
 *
 * @since BuddyPress (2.0.0)
 *
 * @return void
 */
function bp_xprofile_screen_settings() {
    $screen_available = !bp_action_variables() && bp_is_active('xprofile');

    if ($screen_available) {
        // The template path can be overridden through the filter.
        $template = apply_filters('bp_settings_screen_xprofile', '/members/single/settings/profile');
        bp_core_load_template($template);
        return;
    }

    bp_do_404();
}
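/**
 * Map IdeaStream needed vars to the group's context and prepare the
 * group's extension display method
 *
 * Everything read from bp_action_variables() and get_query_var() below comes
 * from the request URL. Each value is passed through sanitize_title() and is
 * only used after the checks in the matching switch branch have passed; any
 * failed check ends with an error message and a redirect to the group's
 * IdeaStream archive.
 *
 * @package WP Idea Stream
 * @subpackage buddypress/groups
 *
 * @since 2.0.0
 *
 * @uses bp_is_group() to check a group is displayed
 * @uses bp_is_current_action() to check the group's current action
 * @uses wp_idea_stream_root_slug() to get the IdeaStream root slug
 * @uses WP_Idea_Stream_Group::group_get_option() to check for the group setting
 * @uses bp_get_current_group_id() to get current group's ID
 * @uses bp_core_redirect() to safely redirect the user
 * @uses bp_get_group_permalink() to get the group's permalink
 * @uses groups_get_current_group() to get the current group's object
 * @uses wp_idea_stream_buddypress_set_is_ideastream() to set a new IdeaStream territory for a later use
 * @uses bp_action_variables() to get all action variables at once
 * @uses wp_idea_stream_action_get_slug() to get IdeaStream's action slug
 * @uses wp_idea_stream_addnew_slug() to get IdeaStream's add slug
 * @uses wp_idea_stream_buddypress_set_is_new() to set IdeaStream global 'is_new' for a later use
 * @uses add_action() to add a field to the new idea form
 * @uses wp_idea_stream_edit_slug() to get the edit slug
 * @uses get_query_var() to get the value of a specific query var
 * @uses wp_idea_stream_get_post_type() to get the ideas post type identifier
 * @uses wp_idea_stream_ideas_get_idea_by_name() to get the idea object
 * @uses wp_idea_stream_ideas_lock_idea() to check if the idea is edited by another user
 * @uses wp_idea_stream_ideas_can_edit() to check if the user can edit the idea
 * @uses WP_Idea_Stream_Group->is_idea_attached_to_group() to check if the idea is attached to current group
 * @uses wp_idea_stream_set_idea_var() to set an IdeaStream global for a later use
 * @uses wp_idea_stream_buddypress_set_is_edit() to set IdeaStream global 'is_edit' for a later use
 * @uses wp_idea_stream_idea_get_slug() to get IdeaStream's idea slug
 * @uses wp_idea_stream_tag_get_slug() to get the ideas tag taxonomy slug
 * @uses wp_idea_stream_category_get_slug() to get the ideas category taxonomy slug
 * @uses wp_idea_stream_get_tag() to get the ideas tag taxonomy identifier
 * @uses wp_idea_stream_get_category() to get the ideas category taxonomy identifier
 * @uses set_query_var() to set some query var for a later use
 * @uses get_term_by() to get idea's term
 * @uses wp_idea_stream_paged_slug() to get the ideas paged slug
 * @uses wp_idea_stream_add_message() to add a feedback to display to the user once redirected
 * @uses WP_Idea_Stream_Group->group_ideas_archive_url() to get the group's IdeaStream archive page
 * @uses bp_is_current_component() to check for a BuddyPress component
 * @uses bp_current_item() to make sure a group item is requested
 * @uses bp_do_404() to set the WP Query to a 404.
 */
public function maybe_set_ideastream() {
    if (bp_is_group() && bp_is_current_action(wp_idea_stream_root_slug())) {

        // Bail if group is not (more) using IdeaStream
        if (!self::group_get_option(bp_get_current_group_id(), '_group_ideastream_activate', false)) {
            bp_core_redirect(bp_get_group_permalink(groups_get_current_group()));
        }

        // Set is_ideastream to load main css file
        wp_idea_stream_buddypress_set_is_ideastream();

        // Action variables come from the URL: sanitize them, then pad the list so
        // that positions 0 to 3 can be read below without undefined offset notices.
        $actions = array_pad(array_map('sanitize_title', (array) bp_action_variables()), 4, '');
        $message = false;

        switch ($actions[0]) {

            // Adding a new idea or editing an existing one
            case wp_idea_stream_action_get_slug():
                if (wp_idea_stream_addnew_slug() == $actions[1]) {
                    $this->group_ideastream->is_action = 'new';
                    $this->group_ideastream->context   = 'new-idea';

                    // Set is_new to load javascripts
                    wp_idea_stream_buddypress_set_is_new();

                    // Add the group_id field in the form
                    add_action('wp_idea_stream_ideas_the_idea_meta_edit', array($this, 'meta_group_id'));

                } elseif (wp_idea_stream_edit_slug() == $actions[1]) {
                    $idea_name = get_query_var(wp_idea_stream_get_post_type());

                    // Stop here: without a name there is nothing to look up, and the
                    // checks below would dereference an idea that was never found.
                    if (empty($idea_name)) {
                        $message = __('No idea was requested', 'wp-idea-stream');
                        break;
                    }

                    // Get the idea thanks to its name
                    $idea = wp_idea_stream_ideas_get_idea_by_name($idea_name);

                    // Unknown name: do not read properties of a missing idea
                    if (empty($idea->ID)) {
                        $message = __('The idea was not found in this group.', 'wp-idea-stream');
                        break;
                    }

                    // Check if the idea is currently being edited by someone else
                    // NOTE(review): this runs before the permission and group checks below.
                    // If wp_idea_stream_ideas_lock_idea() also takes the lock, a user who is
                    // not allowed to edit could hold it; confirm against that function.
                    $user_is_editing = wp_idea_stream_ideas_lock_idea($idea->ID);

                    if (!empty($user_is_editing)) {
                        $message = sprintf(__('The idea: "%s" is already being edited by another user.', 'wp-idea-stream'), $idea->post_title);
                        break;
                    }

                    // Can the user edit the idea?
                    if (!wp_idea_stream_ideas_can_edit($idea)) {
                        $message = __('You are not allowed to edit this idea.', 'wp-idea-stream');
                        break;
                    }

                    // The idea must belong to the group being displayed
                    if ($this->is_idea_attached_to_group($idea)) {
                        $this->group_ideastream->is_action = 'edit';
                        $this->group_ideastream->context   = 'edit-idea';

                        // Set the query loop
                        $query_loop       = new StdClass();
                        $query_loop->idea = $idea;
                        wp_idea_stream_set_idea_var('query_loop', $query_loop);
                        wp_idea_stream_set_idea_var('single_idea_id', $idea->ID);

                        // Set is_edit to load javascripts
                        wp_idea_stream_buddypress_set_is_edit();

                        // Add the group_id field in the form
                        add_action('wp_idea_stream_ideas_the_idea_meta_edit', array($this, 'meta_group_id'));
                    } else {
                        $message = __('The idea was not found in this group.', 'wp-idea-stream');
                    }

                } else {
                    $message = __('The action requested is not available', 'wp-idea-stream');
                }
                break;

            // Viewing a single idea
            case wp_idea_stream_idea_get_slug():
                // No name, stop
                if (empty($actions[1])) {
                    $message = __('No idea was requested', 'wp-idea-stream');
                    break;
                }

                // Get the idea thanks to its name
                $idea = wp_idea_stream_ideas_get_idea_by_name($actions[1]);

                // Only ideas attached to the displayed group may be shown here
                if ($this->is_idea_attached_to_group($idea)) {
                    $this->group_ideastream->is_action = 'idea';
                    $this->group_ideastream->idea_name = $actions[1];

                    // Set the query loop
                    $query_loop       = new StdClass();
                    $query_loop->idea = $idea;
                    wp_idea_stream_set_idea_var('query_loop', $query_loop);
                    wp_idea_stream_set_idea_var('single_idea_id', $idea->ID);
                } else {
                    $message = __('The idea was not found in this group.', 'wp-idea-stream');
                }
                break;

            // Viewing a tag or a category
            case wp_idea_stream_tag_get_slug():
            case wp_idea_stream_category_get_slug():
                // No term name, stop
                if (empty($actions[1])) {
                    $message = sprintf(__('No %s was requested', 'wp-idea-stream'), $actions[0]);
                    break;
                }

                // Does the group support categories ?
                if ($actions[0] == wp_idea_stream_category_get_slug() && !self::group_get_option(bp_get_current_group_id(), '_group_ideastream_categories', true)) {
                    $message = sprintf(__('This group does not support the %s feature.', 'wp-idea-stream'), $actions[0]);
                    break;
                }

                // Using tag as default, as category can be disabled from group settings.
                if ($actions[0] == wp_idea_stream_tag_get_slug()) {
                    $this->group_ideastream->current_taxonomy = wp_idea_stream_get_tag();

                    // Set tag as a query var.
                    set_query_var(wp_idea_stream_get_tag(), $actions[1]);
                } elseif ($actions[0] == wp_idea_stream_category_get_slug()) {
                    $this->group_ideastream->current_taxonomy = wp_idea_stream_get_category();

                    // Set category as a query var.
                    set_query_var(wp_idea_stream_get_category(), $actions[1]);
                }

                // Try to get the term with its slug
                $this->group_ideastream->current_term = get_term_by('slug', $actions[1], $this->group_ideastream->current_taxonomy);

                if (!empty($this->group_ideastream->current_term)) {
                    $this->group_ideastream->is_action = $actions[0];
                    $this->group_ideastream->context   = 'taxonomy';

                    // Set the current term
                    wp_idea_stream_set_idea_var('current_term', $this->group_ideastream->current_term);
                } else {
                    $message = sprintf(__('The %s was not found', 'wp-idea-stream'), $actions[0]);
                }
                break;

            default:
                $this->group_ideastream->is_action = 'archive';
                $this->group_ideastream->context   = 'archive';
                break;
        }

        // Set pagination for taxonomy & archive page
        if (!empty($this->group_ideastream->context) && in_array($this->group_ideastream->context, array('taxonomy', 'archive'), true)) {
            // The paged slug sits at position 0 (archive) or at position 2 (taxonomy)
            $possible_page_number = array($actions[0]);

            if (!empty($actions[2])) {
                $possible_page_number = array_merge($possible_page_number, array($actions[2]));
            }

            if (in_array(wp_idea_stream_paged_slug(), $possible_page_number, true)) {
                // The page number follows the paged slug; absint() keeps it non-negative
                if (is_numeric($actions[1])) {
                    $this->group_ideastream->is_paged = absint($actions[1]);
                } elseif (is_numeric($actions[3])) {
                    $this->group_ideastream->is_paged = absint($actions[3]);
                } else {
                    $this->group_ideastream->is_paged = 0;
                }
            }
        }

        // Any failed check ends here: store the feedback and go back to the archive
        if (!empty($message)) {
            wp_idea_stream_add_message(array('type' => 'error', 'content' => $message));
            bp_core_redirect($this->group_ideas_archive_url(groups_get_current_group(), true));
        }

    /**
     * Redirect to a 404 if needed
     *
     * It's the case when trying to see an idea attached to an hidden group while the user
     * is not a member of this group.
     */
    } elseif (bp_is_current_component('groups') && bp_is_current_action(wp_idea_stream_root_slug()) && bp_current_item()) {
        bp_do_404();
        return;
    }
}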
/**
 * Handle the upload and the cropping of a user avatar, then display the
 * change avatar page.
 *
 * Both the upload and the crop step are protected by their own nonce
 * ('bp_avatar_upload' and 'bp_avatar_cropstore').
 *
 * @package BuddyPress XProfile
 * @uses bp_is_my_profile() Checks to make sure the current user being viewed equals the logged in user
 * @uses bp_core_load_template() Looks for and loads a template file within the current member theme (folder/filename)
 *
 * @return false|void False when the visitor is neither the profile owner nor a super admin.
 */
function xprofile_screen_change_avatar() {
    global $bp;

    // Only the profile owner or a super admin gets past this point
    if (!(bp_is_my_profile() || is_super_admin())) {
        return false;
    }

    // Extra URL segments are not valid on this screen
    if (bp_action_variables()) {
        bp_do_404();
        return;
    }

    $bp->avatar_admin->step = 'upload-image';

    // Step 1: a file was posted
    if (!empty($_FILES)) {
        // Check the nonce
        check_admin_referer('bp_avatar_upload');

        // Pass the file to the avatar upload handler
        $upload_ok = bp_core_avatar_handle_upload($_FILES, 'xprofile_avatar_upload_dir');

        if ($upload_ok) {
            $bp->avatar_admin->step = 'crop-image';

            // Make sure we include the jQuery jCrop file for image cropping
            add_action('nxt_print_scripts', 'bp_core_add_jquery_cropper');
        }
    }

    // Step 2: the crop form was submitted, crop the image and save a full/thumb version
    if (isset($_POST['avatar-crop-submit'])) {
        // Check the nonce
        check_admin_referer('bp_avatar_cropstore');

        // NOTE(review): 'original_file' and the four crop values are taken from the
        // request as-is. The handler is not visible here; confirm it restricts the
        // path to the avatar upload directory and casts the coordinates to integers.
        $crop_args = array(
            'item_id'       => $bp->displayed_user->id,
            'original_file' => $_POST['image_src'],
            'crop_x'        => $_POST['x'],
            'crop_y'        => $_POST['y'],
            'crop_w'        => $_POST['w'],
            'crop_h'        => $_POST['h']
        );

        if (bp_core_avatar_handle_crop($crop_args)) {
            bp_core_add_message(__('Your new avatar was uploaded successfully!', 'buddypress'));
            do_action('xprofile_avatar_uploaded');
        } else {
            bp_core_add_message(__('There was a problem cropping your avatar, please try uploading it again', 'buddypress'), 'error');
        }
    }

    do_action('xprofile_screen_change_avatar');

    $template = apply_filters('xprofile_template_change_avatar', 'members/single/home');
    bp_core_load_template($template);
}
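/**
 * Load the page for a single activity item.
 *
 * The activity is fetched with 'show_hidden' => true, so the checks in this
 * function are what keeps activity of non-public groups away from non-members.
 *
 * @since BuddyPress (1.2)
 *
 * @global object $bp BuddyPress global settings
 * @uses bp_is_activity_component()
 * @uses bp_activity_get_specific()
 * @uses bp_current_action()
 * @uses bp_action_variables()
 * @uses bp_do_404()
 * @uses bp_is_active()
 * @uses groups_get_group()
 * @uses groups_is_user_member()
 * @uses apply_filters_ref_array() To call the 'bp_activity_permalink_access' hook
 * @uses do_action() To call the 'bp_activity_screen_single_activity_permalink' hook
 * @uses bp_core_add_message()
 * @uses is_user_logged_in()
 * @uses bp_core_redirect()
 * @uses site_url()
 * @uses esc_url_raw()
 * @uses bp_get_root_domain()
 * @uses bp_get_activity_root_slug()
 * @uses bp_core_load_template()
 * @uses apply_filters() To call the 'bp_activity_template_profile_activity_permalink' hook
 *
 * @return false|void False when the request is not for a single activity item.
 */
function bp_activity_screen_single_activity_permalink() {
    global $bp;

    // No displayed user or not viewing activity component
    if (!bp_is_activity_component()) {
        return false;
    }

    // The current action must be a numeric activity ID
    if (!bp_current_action() || !is_numeric(bp_current_action())) {
        return false;
    }

    // Get the activity details
    $activity = bp_activity_get_specific(array(
        'activity_ids' => bp_current_action(),
        'show_hidden'  => true,
        'spam'         => 'ham_only',
    ));

    // 404 if activity does not exist, or if extra URL segments were added
    if (empty($activity['activities'][0]) || bp_action_variables()) {
        bp_do_404();
        return;
    }

    $activity = $activity['activities'][0];

    // Default access is true
    $has_access = true;

    // If activity is from a group, do an extra cap check
    if (isset($bp->groups->id) && $activity->component == $bp->groups->id) {

        // Activity is from a group, but groups is currently disabled
        if (!bp_is_active('groups')) {
            bp_do_404();
            return;
        }

        // Check to see if the group is not public, if so, check the
        // user has access to see this activity
        if ($group = groups_get_group(array('group_id' => $activity->item_id))) {

            // Group is not public
            if ('public' != $group->status) {

                // User is not a member of group
                if (!groups_is_user_member(bp_loggedin_user_id(), $group->id)) {
                    $has_access = false;
                }
            }
        }
    }

    // Allow access to be filtered
    $has_access = apply_filters_ref_array('bp_activity_permalink_access', array($has_access, &$activity));

    // Allow additional code execution
    do_action('bp_activity_screen_single_activity_permalink', $activity, $has_access);

    // Access is specifically disallowed. Only a strict boolean false denies
    // access: a filter returning another falsy value leaves the page reachable.
    if (false === $has_access) {

        // User feedback
        bp_core_add_message(__('You do not have access to this activity.', 'buddypress'), 'error');

        // Redirect based on logged in status
        if (is_user_logged_in()) {
            bp_core_redirect(bp_loggedin_user_domain());
        } else {
            $permalink = bp_get_root_domain() . '/' . bp_get_activity_root_slug() . '/p/' . bp_current_action() . '/';

            // The permalink travels as a query string value: clean it with
            // esc_url_raw() (esc_url() is meant for HTML output) and URL-encode
            // it so that it cannot spill into other parameters of the login URL.
            bp_core_redirect(site_url('wp-login.php?redirect_to=' . urlencode(esc_url_raw($permalink))));
        }
    }

    bp_core_load_template(apply_filters('bp_activity_template_profile_activity_permalink', 'members/single/activity/permalink'));
}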
/**
 * Output the forums for a group in the edit screens
 *
 * As of right now, bbPress only supports 1-to-1 group forum relationships.
 * In the future, many-to-many should be allowed.
 *
 * The view to render (single forum, single topic, single reply and their
 * edit forms) is chosen from the BuddyPress action variables found at
 * $offset, $offset + 1 and $offset + 2, and from $_GET['action'], which is
 * only compared against fixed strings.
 *
 * NOTE(review): no capability check is visible here before the edit, merge,
 * split and move forms are loaded; presumably the form templates and the
 * handlers behind them enforce it. Confirm.
 *
 * @since bbPress (r3653)
 *
 * @param int $offset Position of the first action variable to read. Defaults to 0.
 *
 * @uses bp_get_current_group_id()
 * @uses bbp_get_group_forum_ids()
 * @uses bbp_has_forums()
 * @uses bbp_get_template_part()
 */
public function display_forums($offset = 0) {
    global $wp_query;

    // Allow actions immediately before group forum output
    do_action('bbp_before_group_forum_display');

    // Load up bbPress once
    $bbp = bbpress();

    /** Query Resets ******************************************************/

    // Forum data: only the first forum ID of the group is used
    $forum_action = bp_action_variable($offset);
    $forum_ids = bbp_get_group_forum_ids(bp_get_current_group_id());
    $forum_id = array_shift($forum_ids);

    // Always load up the group forum
    bbp_has_forums(array('p' => $forum_id, 'post_parent' => null));

    // Set the global forum ID
    $bbp->current_forum_id = $forum_id;

    // Assume forum query
    bbp_set_query_name('bbp_single_forum');

    // Opening wrapper, closed after the switch below
    ?> <div id="bbpress-forums"> <?php

    switch ($forum_action) {

        /** Single Forum **********************************************/

        // presumably bp_action_variable() returns false when there is no
        // variable at that position; verify against its definition
        case false:
        case 'page':

            // Strip the super stickies from topic query
            add_filter('bbp_get_super_stickies', array($this, 'no_super_stickies'), 10, 1);

            // Unset the super sticky option on topic form
            add_filter('bbp_get_topic_types', array($this, 'unset_super_sticky'), 10, 1);

            // Query forums and show them if they exist
            if (bbp_forums()) {

                // Setup the forum
                bbp_the_forum();
                ?> <h3><?php bbp_forum_title(); ?> </h3> <?php
                bbp_get_template_part('content', 'single-forum');

            // No forums found
            } else {
                ?> <div id="message" class="info"> <p><?php esc_html_e('This group does not currently have a forum.', 'bbpress'); ?> </p> </div> <?php
            }
            break;

        /** Single Topic **********************************************/

        case $this->topic_slug:

            // hide the 'to front' admin links
            add_filter('bbp_get_topic_stick_link', array($this, 'hide_super_sticky_admin_link'), 10, 2);

            // Get the topic named by the next action variable
            bbp_has_topics(array('name' => bp_action_variable($offset + 1), 'posts_per_page' => 1, 'show_stickies' => false));

            // If no topic, 404
            // This early return leaves the wrapper <div> opened above unclosed
            // and skips wp_reset_query() and the 'bbp_after_group_forum_display' action.
            if (!bbp_topics()) {
                bp_do_404(bbp_get_forum_permalink($forum_id));
                ?> <h3><?php bbp_forum_title(); ?> </h3> <?php
                bbp_get_template_part('feedback', 'no-topics');
                return;
            }

            // Setup the topic
            bbp_the_topic();
            ?> <h3><?php bbp_topic_title(); ?> </h3> <?php

            // Topic edit
            if (bp_action_variable($offset + 2) === bbp_get_edit_rewrite_id()) {

                // Unset the super sticky link on edit topic template
                add_filter('bbp_get_topic_types', array($this, 'unset_super_sticky'), 10, 1);

                // Set the edit switches
                $wp_query->bbp_is_edit = true;
                $wp_query->bbp_is_topic_edit = true;

                // Setup the global topic ID
                $bbp->current_topic_id = get_the_ID();

                // Merge
                if (!empty($_GET['action']) && 'merge' === $_GET['action']) {
                    bbp_set_query_name('bbp_topic_merge');
                    bbp_get_template_part('form', 'topic-merge');

                // Split
                } elseif (!empty($_GET['action']) && 'split' === $_GET['action']) {
                    bbp_set_query_name('bbp_topic_split');
                    bbp_get_template_part('form', 'topic-split');

                // Edit
                } else {
                    bbp_set_query_name('bbp_topic_form');
                    bbp_get_template_part('form', 'topic');
                }

            // Single Topic
            } else {
                bbp_set_query_name('bbp_single_topic');
                bbp_get_template_part('content', 'single-topic');
            }
            break;

        /** Single Reply **********************************************/

        case $this->reply_slug:

            // Get the reply named by the next action variable
            bbp_has_replies(array('name' => bp_action_variable($offset + 1), 'posts_per_page' => 1));

            // If no reply, 404
            // Same early return as for topics: the wrapper <div> stays open and
            // the query reset and the after-display action are skipped.
            if (!bbp_replies()) {
                bp_do_404(bbp_get_forum_permalink($forum_id));
                ?> <h3><?php bbp_forum_title(); ?> </h3> <?php
                bbp_get_template_part('feedback', 'no-replies');
                return;
            }

            // Setup the reply
            bbp_the_reply();
            ?> <h3><?php bbp_reply_title(); ?> </h3> <?php

            // Reply edit: nothing else is rendered for a reply that is not being edited
            if (bp_action_variable($offset + 2) === bbp_get_edit_rewrite_id()) {

                // Set the edit switches
                $wp_query->bbp_is_edit = true;
                $wp_query->bbp_is_reply_edit = true;

                // Setup the global reply ID
                $bbp->current_reply_id = get_the_ID();

                // Move
                if (!empty($_GET['action']) && 'move' === $_GET['action']) {
                    bbp_set_query_name('bbp_reply_move');
                    bbp_get_template_part('form', 'reply-move');

                // Edit
                } else {
                    bbp_set_query_name('bbp_reply_form');
                    bbp_get_template_part('form', 'reply');
                }
            }
            break;
    }

    // Reset the query
    wp_reset_query();

    // Closing wrapper
    ?> </div> <?php

    // Allow actions immediately after group forum output
    do_action('bbp_after_group_forum_display');
}
/**
 * Setup globals
 *
 * Registers the groups component globals and, when a single group is being
 * viewed, resolves the current group, the viewer's role in it (admin,
 * moderator, member) and whether the viewer may access it. The access
 * decision is enforced at the end of the single group section: hidden
 * groups answer with a 404 and other restricted pages go through
 * bp_core_no_access().
 *
 * The BP_GROUPS_SLUG constant is deprecated, and only used here for
 * backwards compatibility.
 *
 * @since BuddyPress (1.5)
 * @global BuddyPress $bp The one true BuddyPress instance
 */
function setup_globals() {
    global $bp;

    // Define a slug, if necessary
    if (!defined('BP_GROUPS_SLUG')) {
        define('BP_GROUPS_SLUG', $this->id);
    }

    // Global tables for the groups component
    $global_tables = array(
        'table_name' => $bp->table_prefix . 'bp_groups',
        'table_name_members' => $bp->table_prefix . 'bp_groups_members',
        'table_name_groupmeta' => $bp->table_prefix . 'bp_groups_groupmeta'
    );

    // All globals for the groups component.
    // Note that global_tables is included in this array.
    $globals = array(
        'slug' => BP_GROUPS_SLUG,
        'root_slug' => isset($bp->pages->groups->slug) ? $bp->pages->groups->slug : BP_GROUPS_SLUG,
        'has_directory' => true,
        'notification_callback' => 'groups_format_notifications',
        'search_string' => __('Search Groups...', 'buddypress'),
        'global_tables' => $global_tables
    );

    parent::setup_globals($globals);

    /** Single Group Globals **********************************************/

    // Are we viewing a single group? The current action (a URL segment) is
    // looked up as a group and the result kept in $group_id.
    if (bp_is_groups_component() && ($group_id = BP_Groups_Group::group_exists(bp_current_action()))) {

        $bp->is_single_item = true;

        // The class that is instantiated comes from a filter, so any plugin hooked
        // on 'bp_groups_current_group_class' decides which class is loaded here.
        $current_group_class = apply_filters('bp_groups_current_group_class', 'BP_Groups_Group');
        $this->current_group = apply_filters('bp_groups_current_group_object', new $current_group_class($group_id));

        // When in a single group, the first action is bumped down one because of the
        // group name, so we need to adjust this and set the group name to current_item.
        $bp->current_item = bp_current_action();
        $bp->current_action = bp_action_variable(0);
        array_shift($bp->action_variables);

        // Using "item" not "group" for generic support in other components.
        // Users with the 'bp_moderate' capability are always item admins.
        if (bp_current_user_can('bp_moderate')) {
            bp_update_is_item_admin(true, 'groups');
        } else {
            bp_update_is_item_admin(groups_is_user_admin(bp_loggedin_user_id(), $this->current_group->id), 'groups');
        }

        // If the user is not an admin, check if they are a moderator
        if (!bp_is_item_admin()) {
            bp_update_is_item_mod(groups_is_user_mod(bp_loggedin_user_id(), $this->current_group->id), 'groups');
        }

        // Is the logged in user a member of the group?
        if (is_user_logged_in() && groups_is_user_member(bp_loggedin_user_id(), $this->current_group->id)) {
            $this->current_group->is_user_member = true;
        } else {
            $this->current_group->is_user_member = false;
        }

        // Should this group be visible to the logged in user?
        if ('public' == $this->current_group->status || $this->current_group->is_user_member) {
            $this->current_group->is_visible = true;
        } else {
            $this->current_group->is_visible = false;
        }

        // If this is a private or hidden group, does the user have access?
        if ('private' == $this->current_group->status || 'hidden' == $this->current_group->status) {
            // && binds tighter than ||, so this reads:
            // (member and logged in) or (can 'bp_moderate')
            if ($this->current_group->is_user_member && is_user_logged_in() || bp_current_user_can('bp_moderate')) {
                $this->current_group->user_has_access = true;
            } else {
                $this->current_group->user_has_access = false;
            }
        } else {
            // Any other status gives access to everybody
            $this->current_group->user_has_access = true;
        }

    // Set current_group to 0 to prevent debug errors
    } else {
        $this->current_group = 0;
    }

    // Illegal group names/slugs
    $this->forbidden_names = apply_filters('groups_forbidden_names', array(
        'my-groups',
        'create',
        'invites',
        'send-invites',
        'forum',
        'delete',
        'add',
        'admin',
        'request-membership',
        'members',
        'settings',
        'avatar',
        $this->slug,
        $this->root_slug
    ));

    // If the user was attempting to access a group, but no group by that name was found, 404
    // This return leaves the method before the creation steps, the valid
    // statuses and auto_join further down are set.
    if (bp_is_groups_component() && empty($this->current_group) && bp_current_action() && !in_array(bp_current_action(), $this->forbidden_names)) {
        bp_do_404();
        return;
    }

    if (bp_is_groups_component() && !empty($this->current_group)) {

        // Default tab of a group: the constant when defined, 'home' otherwise
        $this->default_extension = apply_filters('bp_groups_default_extension', defined('BP_GROUPS_DEFAULT_EXTENSION') ? BP_GROUPS_DEFAULT_EXTENSION : 'home');

        if (!bp_current_action()) {
            $bp->current_action = $this->default_extension;
        }

        // Prepare for a redirect to the canonical URL
        $bp->canonical_stack['base_url'] = bp_get_group_permalink($this->current_group);

        if (bp_current_action()) {
            $bp->canonical_stack['action'] = bp_current_action();
        }

        if (!empty($bp->action_variables)) {
            $bp->canonical_stack['action_variables'] = bp_action_variables();
        }

        // When viewing the default extension, the canonical URL should not have
        // that extension's slug, unless more has been tacked onto the URL via
        // action variables
        if (bp_is_current_action($this->default_extension) && empty($bp->action_variables)) {
            unset($bp->canonical_stack['action']);
        }
    }

    // Group access control
    if (bp_is_groups_component() && !empty($this->current_group)) {
        if (!$this->current_group->user_has_access) {

            // Hidden groups should return a 404 for non-members.
            // Unset the current group so that you're not redirected
            // to the default group tab
            // Like the 404 above, this return skips the rest of the method.
            if ('hidden' == $this->current_group->status) {
                $this->current_group = 0;
                $bp->is_single_item = false;
                bp_do_404();
                return;

            // Skip the no_access check on home and membership request pages
            } elseif (!bp_is_current_action('home') && !bp_is_current_action('request-membership')) {

                // Off-limits to this user. Throw an error and redirect to the group's home page
                if (is_user_logged_in()) {
                    bp_core_no_access(array(
                        'message' => __('You do not have access to this group.', 'buddypress'),
                        'root' => bp_get_group_permalink($bp->groups->current_group),
                        'redirect' => false
                    ));

                // User does not have access, and does not get a message
                } else {
                    bp_core_no_access();
                }
            }
        }

        // Protect the admin tab from non-admins
        if (bp_is_current_action('admin') && !bp_is_item_admin()) {
            bp_core_no_access(array(
                'message' => __('You are not an admin of this group.', 'buddypress'),
                'root' => bp_get_group_permalink($bp->groups->current_group),
                'redirect' => false
            ));
        }
    }

    // Preconfigured group creation steps
    $this->group_creation_steps = apply_filters('groups_create_group_steps', array(
        'group-details' => array('name' => __('Details', 'buddypress'), 'position' => 0),
        'group-settings' => array('name' => __('Settings', 'buddypress'), 'position' => 10)
    ));

    // If avatar uploads are not disabled, add avatar option
    if (!(int) bp_get_option('bp-disable-avatar-uploads')) {
        $this->group_creation_steps['group-avatar'] = array('name' => __('Avatar', 'buddypress'), 'position' => 20);
    }

    // If friends component is active, add invitations
    if (bp_is_active('friends')) {
        $this->group_creation_steps['group-invites'] = array('name' => __('Invites', 'buddypress'), 'position' => 30);
    }

    // Groups statuses
    $this->valid_status = apply_filters('groups_valid_status', array('public', 'private', 'hidden'));

    // Auto join group when non group member performs group activity
    // (on unless BP_DISABLE_AUTO_GROUP_JOIN is defined and truthy)
    $this->auto_join = defined('BP_DISABLE_AUTO_GROUP_JOIN') && BP_DISABLE_AUTO_GROUP_JOIN ? false : true;
}
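/**
 * Handle the display of a group's Send Invites page.
 *
 * When the first action variable is 'send', the posted friend IDs are turned
 * into invitations for the current group, the invitations are sent and the
 * user is redirected to the group. Without any action variable the Send
 * Invites template is loaded; anything else is a 404.
 *
 * NOTE(review): nothing in this function checks that the logged-in user may
 * invite people to this group, or that the posted IDs are friends of that
 * user; presumably the group access rules or groups_invite_user() enforce
 * it. Confirm.
 *
 * @return false|void False when no single group is displayed or when the nonce check fails.
 */
function groups_screen_group_invite() {
    if (!bp_is_single_item()) {
        return false;
    }

    $bp = buddypress();

    if (bp_is_action_variable('send', 0)) {

        // The form submission must carry a valid nonce
        if (!check_admin_referer('groups_send_invites', '_wpnonce_send_invites')) {
            return false;
        }

        if (!empty($_POST['friends'])) {
            foreach ((array) $_POST['friends'] as $friend) {
                // The list comes straight from the request: keep positive numeric
                // user IDs only and skip anything else (nested arrays, free text).
                if (!is_numeric($friend) || (int) $friend <= 0) {
                    continue;
                }

                groups_invite_user(array(
                    'user_id'  => (int) $friend,
                    'group_id' => $bp->groups->current_group->id,
                ));
            }
        }

        // Send the invites.
        groups_send_invites(bp_loggedin_user_id(), $bp->groups->current_group->id);

        bp_core_add_message(__('Group invites sent.', 'buddypress'));

        /**
         * Fires after the sending of a group invite inside the group's Send Invites page.
         *
         * @since 1.0.0
         *
         * @param int $id ID of the group whose members are being displayed.
         */
        do_action('groups_screen_group_invite', $bp->groups->current_group->id);

        bp_core_redirect(bp_get_group_permalink($bp->groups->current_group));

    } elseif (!bp_action_variable(0)) {

        /**
         * Filters the template to load for a group's Send Invites page.
         *
         * @since 1.0.0
         *
         * @param string $value Path to a group's Send Invites template.
         */
        bp_core_load_template(apply_filters('groups_template_group_invite', 'groups/single/home'));

    } else {
        bp_do_404();
    }
}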
/**
 * Render the Messages rows of the notification settings table.
 *
 * Reads the two message notification preferences of the displayed user and
 * prints a yes/no radio pair for each one. A preference that is not stored
 * yet is shown as 'yes'.
 */
function messages_screen_notification_settings() {
    global $bp;

    // Extra URL segments are not valid on this screen
    if (bp_action_variables()) {
        bp_do_404();
        return;
    }

    // New private message preference, 'yes' when nothing is stored
    $new_messages = bp_get_user_meta($bp->displayed_user->id, 'notification_messages_new_message', true);
    if (!$new_messages) {
        $new_messages = 'yes';
    }

    // New site notice preference, 'yes' when nothing is stored
    $new_notices = bp_get_user_meta($bp->displayed_user->id, 'notification_messages_new_notice', true);
    if (!$new_notices) {
        $new_notices = 'yes';
    }
    ?>

    <table class="notification-settings" id="messages-notification-settings">
        <thead>
            <tr>
                <th class="icon"></th>
                <th class="title"><?php _e('Messages', 'buddypress'); ?></th>
                <th class="yes"><?php _e('Yes', 'buddypress'); ?></th>
                <th class="no"><?php _e('No', 'buddypress'); ?></th>
            </tr>
        </thead>

        <tbody>
            <tr id="messages-notification-settings-new-message">
                <td></td>
                <td><?php _e('A member sends you a new message', 'buddypress'); ?></td>
                <td class="yes"><input type="radio" name="notifications[notification_messages_new_message]" value="yes" <?php checked($new_messages, 'yes', true); ?> /></td>
                <td class="no"><input type="radio" name="notifications[notification_messages_new_message]" value="no" <?php checked($new_messages, 'no', true); ?> /></td>
            </tr>
            <tr id="messages-notification-settings-new-site-notice">
                <td></td>
                <td><?php _e('A new site notice is posted', 'buddypress'); ?></td>
                <td class="yes"><input type="radio" name="notifications[notification_messages_new_notice]" value="yes" <?php checked($new_notices, 'yes', true); ?> /></td>
                <td class="no"><input type="radio" name="notifications[notification_messages_new_notice]" value="no" <?php checked($new_notices, 'no', true); ?> /></td>
            </tr>

            <?php do_action('messages_screen_notification_settings'); ?>
        </tbody>
    </table>

    <?php
}
/**
 * Load the page for a single activity item.
 *
 * The activity is fetched with 'show_hidden' => true, so the group membership
 * check and the 'bp_activity_permalink_access' filter below are what decides
 * whether the visitor may see it.
 *
 * @since 1.2.0
 *
 * @uses bp_is_activity_component()
 * @uses bp_activity_get_specific()
 * @uses bp_current_action()
 * @uses bp_action_variables()
 * @uses bp_do_404()
 * @uses bp_is_active()
 * @uses groups_get_group()
 * @uses groups_is_user_member()
 * @uses apply_filters_ref_array() To call the 'bp_activity_permalink_access' hook.
 * @uses do_action() To call the 'bp_activity_screen_single_activity_permalink' hook.
 * @uses bp_core_add_message()
 * @uses is_user_logged_in()
 * @uses bp_core_redirect()
 * @uses site_url()
 * @uses esc_url_raw()
 * @uses bp_activity_get_permalink()
 * @uses bp_core_load_template()
 * @uses apply_filters() To call the 'bp_activity_template_profile_activity_permalink' hook.
 *
 * @return false|void False when the request is not for a single activity item.
 */
function bp_activity_screen_single_activity_permalink() {
    $bp = buddypress();

    // Not the activity component, or the current action is not a numeric activity ID.
    if (!bp_is_activity_component() || !bp_current_action() || !is_numeric(bp_current_action())) {
        return false;
    }

    // Look the activity up, hidden items included.
    $lookup = bp_activity_get_specific(array(
        'activity_ids' => bp_current_action(),
        'show_hidden'  => true,
        'spam'         => 'ham_only'
    ));

    // 404 when nothing was found or when extra URL segments were added.
    if (empty($lookup['activities'][0]) || bp_action_variables()) {
        bp_do_404();
        return;
    }

    $activity = $lookup['activities'][0];

    // Access is granted unless one of the checks below says otherwise.
    $has_access = true;

    // Activity recorded by the groups component needs an extra check.
    if (isset($bp->groups->id) && $activity->component == $bp->groups->id) {

        // The groups component is currently disabled.
        if (!bp_is_active('groups')) {
            bp_do_404();
            return;
        }

        // In a group that is not public, only members may see the activity.
        $group = groups_get_group(array('group_id' => $activity->item_id));

        if ($group && 'public' != $group->status && !groups_is_user_member(bp_loggedin_user_id(), $group->id)) {
            $has_access = false;
        }
    }

    /**
     * Filters the access permission for a single activity view.
     *
     * @since 1.2.0
     *
     * @param array $access Array holding the current $has_access value and current activity item instance.
     */
    $has_access = apply_filters_ref_array('bp_activity_permalink_access', array($has_access, &$activity));

    /**
     * Fires before the loading of a single activity template file.
     *
     * @since 1.2.0
     *
     * @param BP_Activity_Activity $activity   Object representing the current activity item being displayed.
     * @param bool                 $has_access Whether or not the current user has access to view activity.
     */
    do_action('bp_activity_screen_single_activity_permalink', $activity, $has_access);

    // Only a strict boolean false denies access: a filter that returns
    // another falsy value leaves the page reachable.
    if (false === $has_access) {

        // User feedback.
        bp_core_add_message(__('You do not have access to this activity.', 'buddypress'), 'error');

        // Logged-in users go to their profile, visitors to the login form with
        // the activity permalink as the (URL-encoded) return address.
        $url = is_user_logged_in()
            ? bp_loggedin_user_domain()
            : sprintf(site_url('wp-login.php?redirect_to=%s'), urlencode(esc_url_raw(bp_activity_get_permalink((int) bp_current_action()))));

        bp_core_redirect($url);
    }

    /**
     * Filters the template to load for a single activity screen.
     *
     * @since 1.0.0
     *
     * @param string $template Path to the activity template to load.
     */
    $template = apply_filters('bp_activity_template_profile_activity_permalink', 'members/single/activity/permalink');

    bp_core_load_template($template);
}
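/**
 * Handle the display of a group's Send Invites page.
 *
 * When the first action variable is 'send', the posted friend IDs are turned
 * into invitations for the current group, the invitations are sent and the
 * user is redirected to the group. Without any action variable the Send
 * Invites template is loaded; anything else is a 404.
 *
 * NOTE(review): nothing in this function checks that the logged-in user may
 * invite people to this group, or that the posted IDs are friends of that
 * user; presumably the group access rules or groups_invite_user() enforce
 * it. Confirm.
 *
 * @return false|void False when no single group is displayed or when the nonce check fails.
 */
function groups_screen_group_invite() {
    if (!bp_is_single_item()) {
        return false;
    }

    $bp = buddypress();

    if (bp_is_action_variable('send', 0)) {

        // The form submission must carry a valid nonce
        if (!check_admin_referer('groups_send_invites', '_wpnonce_send_invites')) {
            return false;
        }

        if (!empty($_POST['friends'])) {
            foreach ((array) $_POST['friends'] as $friend) {
                // The list comes straight from the request: keep positive numeric
                // user IDs only and skip anything else (nested arrays, free text).
                if (!is_numeric($friend) || (int) $friend <= 0) {
                    continue;
                }

                groups_invite_user(array(
                    'user_id'  => (int) $friend,
                    'group_id' => $bp->groups->current_group->id,
                ));
            }
        }

        // Send the invites.
        groups_send_invites(bp_loggedin_user_id(), $bp->groups->current_group->id);

        bp_core_add_message(__('Group invites sent.', 'buddypress'));

        // Let other code react once the invites of this group are sent
        do_action('groups_screen_group_invite', $bp->groups->current_group->id);

        bp_core_redirect(bp_get_group_permalink($bp->groups->current_group));

    } elseif (!bp_action_variable(0)) {

        // Show send invite page
        bp_core_load_template(apply_filters('groups_template_group_invite', 'groups/single/home'));

    } else {
        bp_do_404();
    }
}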
/** Delete Account ************************************************************/

/**
 * Handle the Delete Account settings screen.
 *
 * When the confirmation checkbox was posted, the nonce is verified and the
 * account of the displayed user is deleted; on success the visitor is sent
 * to the home page. Otherwise the delete-account template is loaded.
 *
 * NOTE(review): the account that gets deleted is the displayed user's, and no
 * ownership or capability check is visible in this function; presumably
 * bp_core_delete_account() verifies who is asking. Confirm.
 */
function bp_core_screen_delete_account() {
    global $bp;

    // Extra URL segments are not valid on this screen
    if (bp_action_variables()) {
        bp_do_404();
        return;
    }

    $confirmed = isset($_POST['delete-account-understand']);

    if ($confirmed) {
        // The request must carry a valid 'delete-account' nonce
        check_admin_referer('delete-account');

        // Delete the account, then leave the (now gone) profile
        $deleted = bp_core_delete_account($bp->displayed_user->id);

        if ($deleted) {
            bp_core_redirect(home_url());
        }
    }

    // Nothing was deleted: show the screen
    $template = apply_filters('bp_core_screen_delete_account', 'members/single/settings/delete-account');

    bp_core_load_template($template);
}
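/**
 * Catches a reshare to delete if js is disabled
 *
 * The 'buddyreshare_delete' nonce is the same for every reshare, so a valid
 * nonce says nothing about which activity may be removed. This function
 * therefore also checks that the requested activity is a reshare and that it
 * belongs to the logged-in user (or that the user can moderate) before
 * anything is changed.
 *
 * @package BP Reshare
 * @since 1.0
 *
 * @uses bp_is_activity_component() are we in activity component
 * @uses bp_is_current_action() to check current action
 * @uses buddyreshare_get_component_slug() to get component slug
 * @uses bp_action_variable() to check the variables
 * @uses check_admin_referer() for security reasons
 * @uses bp_activity_get_specific() to fetch the activity to delete
 * @uses bp_do_404() to eventually send the user on a 404
 * @uses bp_core_get_user_domain() to build user's url
 * @uses bp_get_activity_slug() to get activity slug
 * @uses bp_loggedin_user_id() to get the logged-in user's ID
 * @uses bp_current_user_can() to let moderators delete any reshare
 * @uses buddyreshare_reset_metas() to reset some metas for the parent activity
 * @uses bp_core_add_message() to print a warning message
 * @uses bp_core_redirect() to safely redirect user
 * @uses bp_activity_delete() to delete the reshare
 *
 * @return false|void False when the request is not a reshare deletion.
 */
function buddyreshare_remove_reshare() {
    // Not deleting a reshare
    if (!bp_is_activity_component() || !bp_is_current_action(buddyreshare_get_component_slug())) {
        return false;
    }

    // No reshare to delete
    if (!bp_action_variable(0) || bp_action_variable(0) != 'delete' || !bp_action_variable(1) || !is_numeric(bp_action_variable(1))) {
        return false;
    }

    $reshare_id = bp_action_variable(1);

    check_admin_referer('buddyreshare_delete');

    // Get the activity details
    $activity = bp_activity_get_specific(array('activity_ids' => $reshare_id, 'show_hidden' => true));

    // 404 if activity does not exist
    if (empty($activity['activities'][0])) {
        bp_do_404();
        return;
    }

    $reshare = $activity['activities'][0];

    // 404 if the activity is not a reshare: the metas of an unrelated
    // activity must not be reset by this request
    if ('reshare_update' !== $reshare->type) {
        bp_do_404();
        return;
    }

    // redirecting to user's profile
    $redirect = bp_core_get_user_domain($reshare->user_id, $reshare->user_nicename, $reshare->user_login) . bp_get_activity_slug() . '/';

    // Only the author of the reshare, or a user who can moderate, may remove it
    if ((int) $reshare->user_id !== (int) bp_loggedin_user_id() && !bp_current_user_can('bp_moderate')) {
        bp_core_add_message(__('You are not allowed to delete this reshare.', 'bp-reshare'), 'error');
        bp_core_redirect($redirect);
    }

    // Reset the metas of the reshared activity before removing the reshare
    $reset = buddyreshare_reset_metas($reshare->secondary_item_id, $reshare->user_id);

    if (empty($reset)) {
        bp_core_add_message(__('Unable to reset the properties of the reshared activity', 'bp-reshare'), 'error');
        bp_core_redirect($redirect);
    }

    $deleted_reshare = bp_activity_delete(array('type' => 'reshare_update', 'id' => $reshare_id));

    if (!empty($deleted_reshare)) {
        do_action('buddyreshare_reshare_deleted', $reshare_id);
        bp_core_add_message(__('Reshare deleted !', 'bp-reshare'));
    } else {
        do_action('buddyreshare_reshare_deleted_error', $reshare_id);
        bp_core_add_message(__('OOps, error while trying to reshare..', 'bp-reshare'), 'error');
    }

    bp_core_redirect($redirect);
}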
/**
 * Handles the deleting of a user
 *
 * Runs only for a POST of the delete-account form on the settings screen.
 * The request must carry a valid 'delete-account' nonce, and when account
 * deletion is disabled only users with the 'delete_users' capability may go
 * on. The account deleted is the displayed user's.
 *
 * NOTE(review): no check is visible here that the displayed user is the
 * logged-in user; presumably bp_core_delete_account() verifies who is
 * asking. Confirm.
 *
 * @return false|void False when the request is not for this screen or when deletion is disabled.
 */
function bp_settings_action_delete_account() {
    // Bail if not a POST action
    if (strtoupper($_SERVER['REQUEST_METHOD']) !== 'POST') {
        return;
    }

    // Bail if the confirmation checkbox was not submitted
    if (!isset($_POST['delete-account-understand'])) {
        return;
    }

    // Bail if not on the delete-account screen of the settings component
    $on_delete_screen = bp_is_settings_component() && bp_is_current_action('delete-account');

    if (!$on_delete_screen) {
        return false;
    }

    // 404 if there are any additional action variables attached
    if (bp_action_variables()) {
        bp_do_404();
        return;
    }

    // Bail if account deletion is disabled and the user cannot delete users
    $deletion_locked = bp_disable_account_deletion() && !bp_current_user_can('delete_users');

    if ($deletion_locked) {
        return false;
    }

    // Nonce check
    check_admin_referer('delete-account');

    // Get username now because it might be gone soon!
    $username = bp_get_displayed_user_fullname();

    // Delete the user's account; nothing more to do when it fails
    if (!bp_core_delete_account(bp_displayed_user_id())) {
        return;
    }

    // Add feedback after deleting a user
    $feedback = sprintf(__('%s was successfully deleted.', 'buddypress'), $username);
    bp_core_add_message($feedback, 'success');

    // Redirect to the root domain
    bp_core_redirect(bp_get_root_domain());
}
/**
 * Render the markup for the Messages section of Settings > Notifications.
 *
 * Reads the new message notification preference of the displayed user and
 * prints a yes/no radio pair for it. A preference that is not stored yet is
 * shown as 'yes'.
 *
 * @since BuddyPress (1.0.0)
 */
function messages_screen_notification_settings() {
    // Extra URL segments are not valid on this screen
    if (bp_action_variables()) {
        bp_do_404();
        return;
    }

    // New private message preference, 'yes' when nothing is stored
    $new_messages = bp_get_user_meta(bp_displayed_user_id(), 'notification_messages_new_message', true);

    if (!$new_messages) {
        $new_messages = 'yes';
    }
    ?>

    <table class="notification-settings" id="messages-notification-settings">
        <thead>
            <tr>
                <th class="icon"></th>
                <th class="title"><?php _e('Messages', 'buddypress'); ?></th>
                <th class="yes"><?php _e('Yes', 'buddypress'); ?></th>
                <th class="no"><?php _e('No', 'buddypress'); ?></th>
            </tr>
        </thead>

        <tbody>
            <tr id="messages-notification-settings-new-message">
                <td></td>
                <td><?php _e('A member sends you a new message', 'buddypress'); ?></td>
                <td class="yes"><input type="radio" name="notifications[notification_messages_new_message]" value="yes" <?php checked($new_messages, 'yes', true); ?> /></td>
                <td class="no"><input type="radio" name="notifications[notification_messages_new_message]" value="no" <?php checked($new_messages, 'no', true); ?> /></td>
            </tr>

            <?php
            /**
             * Fires inside the closing </tbody> tag for messages screen notification settings.
             *
             * @since BuddyPress (1.0.0)
             */
            do_action('messages_screen_notification_settings');
            ?>
        </tbody>
    </table>

    <?php
}