/**
* Show the capabilities settings template
*
* @since BuddyPress (1.6)
*
* @return If we shouldn't be here
*/
function bp_settings_screen_capabilities()
{
if (bp_action_variables()) {
bp_do_404();
return;
}
// Load the template
bp_core_load_template(apply_filters('bp_settings_screen_capabilities', 'members/single/settings/capabilities'));
}
/**
* Protect access to single groups.
*
* @since BuddyPress (2.1.0)
*/
function bp_groups_group_access_protection()
{
if (!bp_is_group()) {
return;
}
$current_group = groups_get_current_group();
$user_has_access = $current_group->user_has_access;
$no_access_args = array();
if (!$user_has_access && 'hidden' !== $current_group->status) {
// Always allow access to home and request-membership
if (bp_is_current_action('home') || bp_is_current_action('request-membership')) {
$user_has_access = true;
// User doesn't have access, so set up redirect args
} else {
if (is_user_logged_in()) {
$no_access_args = array('message' => __('You do not have access to this group.', 'buddypress'), 'root' => bp_get_group_permalink($current_group) . 'home/', 'redirect' => false);
}
}
}
// Protect the admin tab from non-admins
if (bp_is_current_action('admin') && !bp_is_item_admin()) {
$user_has_access = false;
$no_access_args = array('message' => __('You are not an admin of this group.', 'buddypress'), 'root' => bp_get_group_permalink($current_group), 'redirect' => false);
}
/**
* Allow plugins to filter whether the current user has access to this group content.
*
* Note that if a plugin sets $user_has_access to false, it may also
* want to change the $no_access_args, to avoid problems such as
* logged-in users being redirected to wp-login.php.
*
* @since BuddyPress (2.1.0)
*
* @param bool $user_has_access True if the user has access to the
* content, otherwise false.
* @param array $no_access_args Arguments to be passed to
* bp_core_no_access() in case of no access. Note that this
* value is passed by reference, so it can be modified by the
* filter callback.
*/
$user_has_access = apply_filters_ref_array('bp_group_user_has_access', array($user_has_access, &$no_access_args));
// If user has access, we return rather than redirect
if ($user_has_access) {
return;
}
// Hidden groups should return a 404 for non-members.
// Unset the current group so that you're not redirected
// to the default group tab
if ('hidden' == $current_group->status) {
buddypress()->groups->current_group = 0;
buddypress()->is_single_item = false;
bp_do_404();
return;
} else {
bp_core_no_access($no_access_args);
}
}
/**
* Catch and route requests for single activity item permalinks.
*
* @since 1.2.0
*
* @uses bp_is_activity_component()
* @uses bp_is_current_action()
* @uses bp_action_variable()
* @uses bp_activity_get_specific()
* @uses bp_is_active()
* @uses bp_core_get_user_domain()
* @uses groups_get_group()
* @uses bp_get_group_permalink()
* @uses apply_filters_ref_array() To call the 'bp_activity_permalink_redirect_url' hook.
* @uses bp_core_redirect()
* @uses bp_get_root_domain()
*
* @return bool False on failure.
*/
function bp_activity_action_permalink_router()
{
// Not viewing activity.
if (!bp_is_activity_component() || !bp_is_current_action('p')) {
return false;
}
// No activity to display.
if (!bp_action_variable(0) || !is_numeric(bp_action_variable(0))) {
return false;
}
// Get the activity details.
$activity = bp_activity_get_specific(array('activity_ids' => bp_action_variable(0), 'show_hidden' => true));
// 404 if activity does not exist
if (empty($activity['activities'][0])) {
bp_do_404();
return;
} else {
$activity = $activity['activities'][0];
}
// Do not redirect at default.
$redirect = false;
// Redirect based on the type of activity.
if (bp_is_active('groups') && $activity->component == buddypress()->groups->id) {
// Activity is a user update.
if (!empty($activity->user_id)) {
$redirect = bp_core_get_user_domain($activity->user_id, $activity->user_nicename, $activity->user_login) . bp_get_activity_slug() . '/' . $activity->id . '/';
// Activity is something else.
} else {
// Set redirect to group activity stream.
if ($group = groups_get_group(array('group_id' => $activity->item_id))) {
$redirect = bp_get_group_permalink($group) . bp_get_activity_slug() . '/' . $activity->id . '/';
}
}
// Set redirect to users' activity stream.
} elseif (!empty($activity->user_id)) {
$redirect = bp_core_get_user_domain($activity->user_id, $activity->user_nicename, $activity->user_login) . bp_get_activity_slug() . '/' . $activity->id . '/';
}
// If set, add the original query string back onto the redirect URL.
if (!empty($_SERVER['QUERY_STRING'])) {
$query_frags = array();
wp_parse_str($_SERVER['QUERY_STRING'], $query_frags);
$redirect = add_query_arg(urlencode_deep($query_frags), $redirect);
}
/**
* Filter the intended redirect url before the redirect occurs for the single activity item.
*
* @since 1.2.2
*
* @param array $value Array with url to redirect to and activity related to the redirect.
*/
if (!($redirect = apply_filters_ref_array('bp_activity_permalink_redirect_url', array($redirect, &$activity)))) {
bp_core_redirect(bp_get_root_domain());
}
// Redirect to the actual activity permalink page.
bp_core_redirect($redirect);
}
/**
* Catch requests for the groups component and find the requested group
*/
function group_hierarchy_override_current_action($current_action)
{
global $bp;
do_action('bp_group_hierarchy_route_requests');
/** Only process once - hopefully this won't have any side effects */
remove_action('bp_current_action', 'group_hierarchy_override_current_action');
/** Abort processing on dashboard pages and when not in groups component */
if (is_admin() && !strpos(admin_url('admin-ajax.php'), $_SERVER['REQUEST_URI'])) {
return $current_action;
}
if (!bp_is_groups_component()) {
return $current_action;
}
$groups_slug = bp_get_groups_root_slug();
bp_group_hierarchy_debug('Routing request');
bp_group_hierarchy_debug('Current component: ' . $bp->current_component);
bp_group_hierarchy_debug('Current action: ' . $current_action);
bp_group_hierarchy_debug('Groups slug: ' . $groups_slug);
bp_group_hierarchy_debug('Are we on a user profile page?: ' . (empty($bp->displayed_user->id) ? 'N' : 'Y'));
if ($current_action == '') {
return $current_action;
}
if (!empty($bp->displayed_user->id) || in_array($current_action, apply_filters('groups_forbidden_names', array('my-groups', 'create', 'invites', 'send-invites', 'forum', 'delete', 'add', 'admin', 'request-membership', 'members', 'settings', 'avatar', $groups_slug, '')))) {
bp_group_hierarchy_debug('Not rewriting current action.');
return $current_action;
}
$action_vars = $bp->action_variables;
$group = new BP_Groups_Hierarchy($current_action);
if (!$group->id && (!isset($bp->current_item) || !$bp->current_item)) {
$current_action = '';
bp_group_hierarchy_debug('Group not found - returning 404.');
bp_do_404();
return;
}
if ($group->has_children()) {
$parent_id = $group->id;
foreach ($bp->action_variables as $action_var) {
$subgroup_id = BP_Groups_Hierarchy::check_slug($action_var, $parent_id);
if ($subgroup_id) {
$action_var = array_shift($action_vars);
$current_action .= '/' . $action_var;
$parent_id = $subgroup_id;
} else {
// once we find something that isn't a group, we're done
break;
}
}
}
bp_group_hierarchy_debug('Action changed to: ' . $current_action);
$bp->action_variables = $action_vars;
$bp->current_action = $current_action;
return $current_action;
}
/**
* Handles the saving of xprofile field visibilities
*
* @since BuddyPress (1.9)
*/
function bp_xprofile_action_settings()
{
// Bail if not a POST action
if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) {
return;
}
// Bail if no submit action
if (!isset($_POST['xprofile-settings-submit'])) {
return;
}
// Bail if not in settings
if (!bp_is_user_settings_profile()) {
return;
}
// 404 if there are any additional action variables attached
if (bp_action_variables()) {
bp_do_404();
return;
}
// Nonce check
check_admin_referer('bp_xprofile_settings');
do_action('bp_xprofile_settings_before_save');
/** Save ******************************************************************/
// Only save if there are field ID's being posted
if (!empty($_POST['field_ids'])) {
// Get the POST'ed field ID's
$posted_field_ids = explode(',', $_POST['field_ids']);
// Backward compatibility: a bug in BP 2.0 caused only a single
// group's field IDs to be submitted. Look for values submitted
// in the POST request that may not appear in 'field_ids', and
// add them to the list of IDs to save.
foreach ($_POST as $posted_key => $posted_value) {
preg_match('/^field_([0-9]+)_visibility$/', $posted_key, $matches);
if (!empty($matches[1]) && !in_array($matches[1], $posted_field_ids)) {
$posted_field_ids[] = $matches[1];
}
}
// Save the visibility settings
foreach ($posted_field_ids as $field_id) {
$visibility_level = 'public';
if (!empty($_POST['field_' . $field_id . '_visibility'])) {
$visibility_level = $_POST['field_' . $field_id . '_visibility'];
}
xprofile_set_field_visibility_level($field_id, bp_displayed_user_id(), $visibility_level);
}
}
/** Other *****************************************************************/
do_action('bp_xprofile_settings_after_save');
// Redirect to the root domain
bp_core_redirect(bp_displayed_user_domain() . bp_get_settings_slug() . '/profile');
}
/**
* Allow core components and dependent plugins to register activity actions
*
* @since BuddyPress (1.2)
*
* @global object $bp BuddyPress global settings
* @uses bp_is_activity_component()
* @uses bp_is_current_action()
* @uses bp_action_variable()
* @uses bp_activity_get_specific()
* @uses bp_is_active()
* @uses bp_core_get_user_domain()
* @uses groups_get_group()
* @uses bp_get_group_permalink()
* @uses apply_filters_ref_array() To call the 'bp_activity_permalink_redirect_url' hook
* @uses bp_core_redirect()
* @uses bp_get_root_domain()
*
* @return bool False on failure
*/
function bp_activity_action_permalink_router()
{
global $bp;
// Not viewing activity
if (!bp_is_activity_component() || !bp_is_current_action('p')) {
return false;
}
// No activity to display
if (!bp_action_variable(0) || !is_numeric(bp_action_variable(0))) {
return false;
}
// Get the activity details
$activity = bp_activity_get_specific(array('activity_ids' => bp_action_variable(0), 'show_hidden' => true));
// 404 if activity does not exist
if (empty($activity['activities'][0])) {
bp_do_404();
return;
} else {
$activity = $activity['activities'][0];
}
// Do not redirect at default
$redirect = false;
// Redirect based on the type of activity
if (bp_is_active('groups') && $activity->component == $bp->groups->id) {
// Activity is a user update
if (!empty($activity->user_id)) {
$redirect = bp_core_get_user_domain($activity->user_id, $activity->user_nicename, $activity->user_login) . bp_get_activity_slug() . '/' . $activity->id . '/';
// Activity is something else
} else {
// Set redirect to group activity stream
if ($group = groups_get_group(array('group_id' => $activity->item_id))) {
$redirect = bp_get_group_permalink($group) . bp_get_activity_slug() . '/' . $activity->id . '/';
}
}
// Set redirect to users' activity stream
} else {
$redirect = bp_core_get_user_domain($activity->user_id, $activity->user_nicename, $activity->user_login) . bp_get_activity_slug() . '/' . $activity->id . '/';
}
// If set, add the original query string back onto the redirect URL
if (!empty($_SERVER['QUERY_STRING'])) {
$query_frags = array();
wp_parse_str($_SERVER['QUERY_STRING'], $query_frags);
$redirect = add_query_arg(urlencode_deep($query_frags), $redirect);
}
// Allow redirect to be filtered
if (!($redirect = apply_filters_ref_array('bp_activity_permalink_redirect_url', array($redirect, &$activity)))) {
bp_core_redirect(bp_get_root_domain());
}
// Redirect to the actual activity permalink page
bp_core_redirect($redirect);
}
/**
* Show the capabilities settings template
*
* @since BuddyPress (1.6.0)
*/
function bp_settings_screen_capabilities()
{
if (bp_action_variables()) {
bp_do_404();
return;
}
/**
* Filters the template file path to use for the capabilities settings screen.
*
* @since BuddyPress (1.6.0)
*
* @param string $value Directory path to look in for the template file.
*/
bp_core_load_template(apply_filters('bp_settings_screen_capabilities', 'members/single/settings/capabilities'));
}
/**
* Sets up and displays the screen output for the sub nav item "portfolio/add"
*/
function bp_portfolio_screen_add()
{
global $bp;
if (bp_action_variables()) {
bp_do_404();
return;
}
messages_remove_callback_values();
if (isset($_POST['add'])) {
// Check the nonce
if (!wp_verify_nonce($_POST['_wpnonce'], 'project_form_nonce')) {
bp_core_add_message(__('There was an error recording the project, please try again', 'bp-portfolio'), 'error');
bp_core_load_template(apply_filters('bp_portfolio_template_personal', BP_PORTFOLIO_TEMPLATE . '/personal'));
}
if (empty($_POST['title-input']) or empty($_POST['url-input']) or empty($_POST['description'])) {
bp_core_add_message(__('All fields are required', 'bp-portfolio'), 'error');
} else {
// Check the url
if (!preg_match("/(ftp|http|https):\\/\\/(\\w+:{0,1}\\w*@)?(\\S+)(:[0-9]+)?(\\/|\\/([\\w#!:.?+=&%@!\\-\\/]))?/", $_POST['url-input'])) {
bp_core_add_message(__('Url must be a valid URL.', 'bp-portfolio'), 'error');
bp_core_load_template(apply_filters('bp_portfolio_template_add', BP_PORTFOLIO_TEMPLATE . '/add'));
}
// Check description size
if (strlen($_POST['description']) > BP_PORTFOLIO_DESC_MAX_SIZE) {
$_POST['description'] = substr($_POST['description'], 0, BP_PORTFOLIO_DESC_MAX_SIZE);
}
// Save the item
$posts = array('author_id' => bp_loggedin_user_id(), 'title' => $_POST['title-input'], 'description' => $_POST['description'], 'url' => $_POST['url-input']);
// Is that a capture has been sent ?
if (isset($_FILES['screenshot-input']) and $_FILES['screenshot-input']['error'] == 0) {
$posts['screenshot'] = $_FILES['screenshot-input'];
}
if ($item = bp_portfolio_save_item($posts)) {
bp_core_add_message(__('Project has been saved', 'bp-portfolio'));
bp_core_redirect(bp_core_get_user_domain(bp_loggedin_user_id()) . bp_get_portfolio_slug());
} else {
bp_core_add_message(__('There was an error recording the project, please try again', 'bp-portfolio'), 'error');
}
}
}
do_action('bp_portfolio_add_screen');
// Displaying Content
bp_core_load_template(apply_filters('bp_portfolio_template_add', BP_PORTFOLIO_TEMPLATE . '/add'));
}
/**
* Handles the saving of xprofile field visibilities
*
* @since BuddyPress (1.9)
*/
function bp_xprofile_action_settings()
{
// Bail if not a POST action
if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) {
return;
}
// Bail if no submit action
if (!isset($_POST['xprofile-settings-submit'])) {
return;
}
// Bail if not in settings
if (!bp_is_user_settings_profile()) {
return;
}
// 404 if there are any additional action variables attached
if (bp_action_variables()) {
bp_do_404();
return;
}
// Nonce check
check_admin_referer('bp_xprofile_settings');
do_action('bp_xprofile_settings_before_save');
/** Save ******************************************************************/
// Only save if there are field ID's being posted
if (!empty($_POST['field_ids'])) {
// Get the POST'ed field ID's
$posted_field_ids = explode(',', $_POST['field_ids']);
// Save the visibility settings
foreach ($posted_field_ids as $field_id) {
$visibility_level = 'public';
if (!empty($_POST['field_' . $field_id . '_visibility'])) {
$visibility_level = $_POST['field_' . $field_id . '_visibility'];
}
xprofile_set_field_visibility_level($field_id, bp_displayed_user_id(), $visibility_level);
}
}
/** Other *****************************************************************/
do_action('bp_xprofile_settings_after_save');
// Redirect to the root domain
bp_core_redirect(bp_displayed_user_domain() . bp_get_settings_slug() . '/profile');
}
/**
* Perform actions about rendez-vous (insert/edit/delete/save prefs)
*
* @package Rendez Vous
* @subpackage Groups
*
* @since Rendez Vous (1.1.0)
*
* @uses Rendez_Vous_Group->is_rendez_vous() Checks whether we're on a rendez-vous page of a group
* @uses rendez_vous() to get the plugin's instance
* @uses rendez_vous_handle_actions() to insert/edit/delete/save prefs about a rendez-vous
* @uses bp_get_current_group_id() to get the group id
* @uses Rendez_Vous_Group::group_get_option() to get the needed group metas.
* @uses groups_is_user_member() to check the organizer is still a member of the group
* @uses delete_post_meta() to remove a rendez-vous from a group
* @uses rendez_vous_get_single_link() to get the rendez-vous link
* @uses bp_core_add_message() to give a feedback to the user
* @uses do_action() call 'rendez_vous_groups_component_deactivated' or
* 'rendez_vous_groups_member_removed' to perform custom actions
* @uses bp_core_redirect() to safely redirect the user
* @uses bp_is_current_component() to check for a BuddyPress component
* @uses bp_current_item() to make sure a group item is requested
* @uses bp_do_404() to set the WP Query to a 404.
*/
public function group_handle_screens()
{
if ($this->is_rendez_vous()) {
$rendez_vous = rendez_vous();
$this->screen = rendez_vous_handle_actions();
$rendez_vous->screens->screen = $this->screen;
$group_id = bp_get_current_group_id();
/**
* Should we remove the rendez-vous from the group ?
*
* Although, this is already handled in Rendez_Vous_Group->group_rendez_vous_link()
* an invited user can click on an email he received where the link is a group rendez-vous link.
* @see rendez_vous_published_notification()
*
* Not checking if notifications are active, because there's also an edge case when the activity
* has not been deleted yet and the user clicks on the activity link.
*/
if ('single' == $this->screen && !empty($rendez_vous->item->id)) {
$message = $action = false;
// The group doesn't support rendez-vous anymore
if (!self::group_get_option($group_id, '_rendez_vous_group_activate', false)) {
$message = __('The Group, the rendez-vous was attached to, does not support rendez-vous anymore', 'rendez-vous');
$action = 'rendez_vous_groups_component_deactivated';
// The organizer was removed or left the group
} else {
if (!groups_is_user_member($rendez_vous->item->organizer, $group_id)) {
$message = sprintf(__('%s is not a member of the group, the rendez-vous was attached to, anymore. As a result, the rendez-vous was removed from the group.', 'rendez-vous'), bp_core_get_user_displayname($rendez_vous->item->organizer));
$action = 'rendez_vous_groups_member_removed';
}
}
// Bail if everything is ok.
if (empty($message)) {
return;
}
// Delete the rendez-vous group id meta
delete_post_meta($rendez_vous->item->id, '_rendez_vous_group_id');
$redirect = rendez_vous_get_single_link($rendez_vous->item->id, $rendez_vous->item->organizer);
bp_core_add_message($message, 'error');
// fire an action to deal with group activities
do_action($action, $rendez_vous->item->id, $rendez_vous->item);
// Redirect to organizer's rendez-vous page
bp_core_redirect($redirect);
}
} else {
if (bp_is_current_component('groups') && bp_is_current_action($this->slug) && bp_current_item()) {
bp_do_404();
return;
}
}
}
/**
* Catch unauthorized access to certain BuddyPress pages and redirect accordingly.
*
* @since 1.5.0
*/
function bp_core_catch_no_access()
{
global $wp_query;
$bp = buddypress();
// If coming from bp_core_redirect() and $bp_no_status_set is true,
// we are redirecting to an accessible page so skip this check.
if (!empty($bp->no_status_set)) {
return false;
}
if (!isset($wp_query->queried_object) && !bp_is_blog_page()) {
bp_do_404();
}
}
/**
* Catches invalid access to BuddyPress pages and redirects them accordingly.
*
* @package BuddyPress Core
* @since 1.5
*/
function bp_core_catch_no_access()
{
global $bp, $bp_no_status_set, $nxt_query;
// If bp_core_redirect() and $bp_no_status_set is true,
// we are redirecting to an accessible page, so skip this check.
if ($bp_no_status_set) {
return false;
}
if (!isset($nxt_query->queried_object) && !bp_is_blog_page()) {
bp_do_404();
}
}
/**
* Show the xprofile settings template
*
* @since BuddyPress (2.0.0)
*/
function bp_xprofile_screen_settings()
{
// Redirect if no privacy settings page is accessible
if (bp_action_variables() || !bp_is_active('xprofile')) {
bp_do_404();
return;
}
/**
* Filters the template to load for the XProfile settings screen.
*
* @since BuddyPress (2.0.0)
*
* @param string $template Path to the XProfile change avatar template to load.
*/
bp_core_load_template(apply_filters('bp_settings_screen_xprofile', '/members/single/settings/profile'));
}
/**
* Set up component global data.
*
* The BP_GROUPS_SLUG constant is deprecated, and only used here for
* backwards compatibility.
*
* @since 1.5.0
*
* @see BP_Component::setup_globals() for a description of arguments.
*
* @param array $args See BP_Component::setup_globals() for a description.
*/
public function setup_globals($args = array())
{
$bp = buddypress();
// Define a slug, if necessary.
if (!defined('BP_GROUPS_SLUG')) {
define('BP_GROUPS_SLUG', $this->id);
}
// Global tables for groups component.
$global_tables = array('table_name' => $bp->table_prefix . 'bp_groups', 'table_name_members' => $bp->table_prefix . 'bp_groups_members', 'table_name_groupmeta' => $bp->table_prefix . 'bp_groups_groupmeta');
// Metadata tables for groups component.
$meta_tables = array('group' => $bp->table_prefix . 'bp_groups_groupmeta');
// All globals for groups component.
// Note that global_tables is included in this array.
$args = array('slug' => BP_GROUPS_SLUG, 'root_slug' => isset($bp->pages->groups->slug) ? $bp->pages->groups->slug : BP_GROUPS_SLUG, 'has_directory' => true, 'directory_title' => _x('Groups', 'component directory title', 'buddypress'), 'notification_callback' => 'groups_format_notifications', 'search_string' => _x('Search Groups...', 'Component directory search', 'buddypress'), 'global_tables' => $global_tables, 'meta_tables' => $meta_tables);
parent::setup_globals($args);
/* Single Group Globals **********************************************/
// Are we viewing a single group?
if (bp_is_groups_component() && ($group_id = BP_Groups_Group::group_exists(bp_current_action()))) {
$bp->is_single_item = true;
/**
* Filters the current PHP Class being used.
*
* @since 1.5.0
*
* @param string $value Name of the class being used.
*/
$current_group_class = apply_filters('bp_groups_current_group_class', 'BP_Groups_Group');
if ($current_group_class == 'BP_Groups_Group') {
$this->current_group = groups_get_group(array('group_id' => $group_id, 'populate_extras' => true));
} else {
/**
* Filters the current group object being instantiated from previous filter.
*
* @since 1.5.0
*
* @param object $value Newly instantiated object for the group.
*/
$this->current_group = apply_filters('bp_groups_current_group_object', new $current_group_class($group_id));
}
// When in a single group, the first action is bumped down one because of the
// group name, so we need to adjust this and set the group name to current_item.
$bp->current_item = bp_current_action();
$bp->current_action = bp_action_variable(0);
array_shift($bp->action_variables);
// Using "item" not "group" for generic support in other components.
if (bp_current_user_can('bp_moderate')) {
bp_update_is_item_admin(true, 'groups');
} else {
bp_update_is_item_admin(groups_is_user_admin(bp_loggedin_user_id(), $this->current_group->id), 'groups');
}
// If the user is not an admin, check if they are a moderator.
if (!bp_is_item_admin()) {
bp_update_is_item_mod(groups_is_user_mod(bp_loggedin_user_id(), $this->current_group->id), 'groups');
}
// Is the logged in user a member of the group?
if (is_user_logged_in() && groups_is_user_member(bp_loggedin_user_id(), $this->current_group->id)) {
$this->current_group->is_user_member = true;
} else {
$this->current_group->is_user_member = false;
}
// Should this group be visible to the logged in user?
if ('public' == $this->current_group->status || $this->current_group->is_user_member) {
$this->current_group->is_visible = true;
} else {
$this->current_group->is_visible = false;
}
// If this is a private or hidden group, does the user have access?
if ('private' == $this->current_group->status || 'hidden' == $this->current_group->status) {
if ($this->current_group->is_user_member && is_user_logged_in() || bp_current_user_can('bp_moderate')) {
$this->current_group->user_has_access = true;
} else {
$this->current_group->user_has_access = false;
}
} else {
$this->current_group->user_has_access = true;
}
// Check once if the current group has a custom front template.
$this->current_group->front_template = bp_groups_get_front_template($this->current_group);
// Set current_group to 0 to prevent debug errors.
} else {
$this->current_group = 0;
}
/**
* Filters the list of illegal groups names/slugs.
*
* @since 1.0.0
*
* @param array $value Array of illegal group names/slugs.
*/
$this->forbidden_names = apply_filters('groups_forbidden_names', array('my-groups', 'create', 'invites', 'send-invites', 'forum', 'delete', 'add', 'admin', 'request-membership', 'members', 'settings', 'avatar', $this->slug, $this->root_slug));
// If the user was attempting to access a group, but no group by that name was found, 404.
if (bp_is_groups_component() && empty($this->current_group) && bp_current_action() && !in_array(bp_current_action(), $this->forbidden_names)) {
bp_do_404();
return;
}
/**
* Filters the preconfigured groups creation steps.
*
* @since 1.1.0
*
* @param array $value Array of preconfigured group creation steps.
*/
$this->group_creation_steps = apply_filters('groups_create_group_steps', array('group-details' => array('name' => _x('Details', 'Group screen nav', 'buddypress'), 'position' => 0), 'group-settings' => array('name' => _x('Settings', 'Group screen nav', 'buddypress'), 'position' => 10)));
// If avatar uploads are not disabled, add avatar option.
$disabled_avatar_uploads = (int) bp_disable_group_avatar_uploads();
if (!$disabled_avatar_uploads && $bp->avatar->show_avatars) {
$this->group_creation_steps['group-avatar'] = array('name' => _x('Photo', 'Group screen nav', 'buddypress'), 'position' => 20);
}
if (bp_group_use_cover_image_header()) {
$this->group_creation_steps['group-cover-image'] = array('name' => _x('Cover Image', 'Group screen nav', 'buddypress'), 'position' => 25);
}
// If friends component is active, add invitations.
if (bp_is_active('friends')) {
$this->group_creation_steps['group-invites'] = array('name' => _x('Invites', 'Group screen nav', 'buddypress'), 'position' => 30);
}
/**
* Filters the list of valid groups statuses.
*
* @since 1.1.0
*
* @param array $value Array of valid group statuses.
*/
$this->valid_status = apply_filters('groups_valid_status', array('public', 'private', 'hidden'));
// Auto join group when non group member performs group activity.
$this->auto_join = defined('BP_DISABLE_AUTO_GROUP_JOIN') && BP_DISABLE_AUTO_GROUP_JOIN ? false : true;
}
function settings_ui()
{
if (bp_action_variables()) {
bp_do_404();
return;
}
// Load the template
bp_core_load_template(apply_filters('bp_settings_screen_delete_account', 'members/single/plugins'));
}
/**
* Catches invalid access to BuddyPress pages and redirects them accordingly.
*
* @package BuddyPress Core
* @since 1.5
*/
function bp_core_catch_no_access()
{
global $bp, $bp_no_status_set, $wp_query;
// If bp_core_redirect() and $bp_no_status_set is true,
// we are redirecting to an accessible page, so skip this check.
if ($bp_no_status_set) {
return false;
}
// If the displayed user was marked as a spammer and the logged-in user is not a super admin, 404.
if (isset($bp->displayed_user->id) && bp_core_is_user_spammer($bp->displayed_user->id)) {
if (!$bp->loggedin_user->is_super_admin) {
bp_do_404();
return;
} else {
bp_core_add_message(__('This user has been marked as a spammer. Only site admins can view this profile.', 'buddypress'), 'error');
}
}
if (!isset($wp_query->queried_object) && !bp_is_blog_page()) {
bp_do_404();
}
}
/**
* Show the xprofile settings template
*
* @since BuddyPress (2.0.0)
*/
function bp_xprofile_screen_settings()
{
// Redirect if no privacy settings page is accessible
if (bp_action_variables() || !bp_is_active('xprofile')) {
bp_do_404();
return;
}
// Load the template
bp_core_load_template(apply_filters('bp_settings_screen_xprofile', '/members/single/settings/profile'));
}
/**
* Map IdeaStream needed vars to the group's context and prepare the
* group's extension display method
*
* @package WP Idea Stream
* @subpackage buddypress/groups
*
* @since 2.0.0
*
* @uses bp_is_group() to check a group is displayed
* @uses bp_is_current_action() to check the group's current action
* @uses wp_idea_stream_root_slug() to get the IdeaStream root slug
* @uses WP_Idea_Stream_Group::group_get_option() to check for the group setting
* @uses bp_get_current_group_id() to get current group's ID
* @uses bp_core_redirect() to safely redirect the user
* @uses bp_get_group_permalink() to get the group's permalink
* @uses groups_get_current_group() to get the current group's object
* @uses wp_idea_stream_buddypress_set_is_ideastream() to set a new IdeaStream territory for a later use
* @uses bp_action_variables() to get all action variables at once
* @uses wp_idea_stream_action_get_slug() to get IdeaStream's action slug
* @uses wp_idea_stream_addnew_slug() to get IdeaStream's add slug
* @uses wp_idea_stream_buddypress_set_is_new() to set IdeaStream global 'is_new' for a later use
* @uses add_action() to add a field to the new idea form
* @uses wp_idea_stream_edit_slug() to get the edit slug
* @uses get_query_var() to get the value of a specific query var
* @uses wp_idea_stream_get_post_type() to get the ideas post type identifier
* @uses wp_idea_stream_ideas_get_idea_by_name() to get the idea object
* @uses wp_idea_stream_ideas_lock_idea() to check if the idea is edited by another user
* @uses wp_idea_stream_ideas_can_edit() to check if the user can edit the idea
* @uses WP_Idea_Stream_Group->is_idea_attached_to_group() to check if the idea is attached to currrent group
* @uses wp_idea_stream_set_idea_var() to set an IdeaStream global for a later use
* @uses wp_idea_stream_buddypress_set_is_edit() to set IdeaStream global 'is_edit' for a later use
* @uses wp_idea_stream_idea_get_slug() to get IdeaStream's idea slug
* @uses wp_idea_stream_tag_get_slug() to get the ideas tag taxonomy slug
* @uses wp_idea_stream_category_get_slug() to get the ideas category taxonomy slug
* @uses set_query_var() to set some query var for a later use
* @uses get_term_by() to get idea's term
* @uses wp_idea_stream_paged_slug() to get the ideas paged slug
* @uses wp_idea_stream_add_message() to add a feedback to display to the user once redirected
* @uses WP_Idea_Stream_Group->group_ideas_archive_url() to get the group's IdeaStream archive page
* @uses bp_is_current_component() to check for a BuddyPress component
* @uses bp_current_item() to make sure a group item is requested
* @uses bp_do_404() to set the WP Query to a 404.
*/
public function maybe_set_ideastream()
{
if (bp_is_group() && bp_is_current_action(wp_idea_stream_root_slug())) {
// Bail if group is not (more) using IdeaStream
if (!self::group_get_option(bp_get_current_group_id(), '_group_ideastream_activate', false)) {
bp_core_redirect(bp_get_group_permalink(groups_get_current_group()));
}
// Set is_ideastream to load main css file
wp_idea_stream_buddypress_set_is_ideastream();
$actions = array_map('sanitize_title', (array) bp_action_variables());
$message = false;
switch ($actions[0]) {
// Adding a new idea
case wp_idea_stream_action_get_slug():
if (wp_idea_stream_addnew_slug() == $actions[1]) {
$this->group_ideastream->is_action = 'new';
$this->group_ideastream->context = 'new-idea';
// Set is_new to load javascripts
wp_idea_stream_buddypress_set_is_new();
// Add the group_id field in the form
add_action('wp_idea_stream_ideas_the_idea_meta_edit', array($this, 'meta_group_id'));
} else {
if (wp_idea_stream_edit_slug() == $actions[1]) {
$idea_name = get_query_var(wp_idea_stream_get_post_type());
if (empty($idea_name)) {
$message = __('No idea was requested', 'wp-idea-stream');
}
// Get the idea thanks to its name
$idea = wp_idea_stream_ideas_get_idea_by_name($idea_name);
// Check if the idea is currently being edited by someone else
$user_is_editing = wp_idea_stream_ideas_lock_idea($idea->ID);
if (!empty($user_is_editing)) {
$message = sprintf(__('The idea: "%s" is already being edited by another user.', 'wp-idea-stream'), $idea->post_title);
break;
}
// Does the user can edit the idea ?
if (!wp_idea_stream_ideas_can_edit($idea)) {
$message = __('You are not allowed to edit this idea.', 'wp-idea-stream');
break;
}
if ($this->is_idea_attached_to_group($idea)) {
$this->group_ideastream->is_action = 'edit';
$this->group_ideastream->context = 'edit-idea';
// Set the query loop
$query_loop = new StdClass();
$query_loop->idea = $idea;
wp_idea_stream_set_idea_var('query_loop', $query_loop);
wp_idea_stream_set_idea_var('single_idea_id', $idea->ID);
// Set is_new to load javascripts
wp_idea_stream_buddypress_set_is_edit();
// Add the group_id field in the form
add_action('wp_idea_stream_ideas_the_idea_meta_edit', array($this, 'meta_group_id'));
} else {
$message = __('The idea was not found in this group.', 'wp-idea-stream');
}
} else {
$message = __('The action requested is not available', 'wp-idea-stream');
}
}
break;
// Viewing a single idea
// Viewing a single idea
case wp_idea_stream_idea_get_slug():
// No name, stop
if (empty($actions[1])) {
$message = __('No idea was requested', 'wp-idea-stream');
break;
}
// Get the idea thanks to its name
$idea = wp_idea_stream_ideas_get_idea_by_name($actions[1]);
if ($this->is_idea_attached_to_group($idea)) {
$this->group_ideastream->is_action = 'idea';
$this->group_ideastream->idea_name = $actions[1];
// Set the query loop
$query_loop = new StdClass();
$query_loop->idea = $idea;
wp_idea_stream_set_idea_var('query_loop', $query_loop);
wp_idea_stream_set_idea_var('single_idea_id', $idea->ID);
} else {
$message = __('The idea was not found in this group.', 'wp-idea-stream');
}
break;
case wp_idea_stream_tag_get_slug():
case wp_idea_stream_category_get_slug():
// No term name, stop
if (empty($actions[1])) {
$message = sprintf(__('No %s was requested', 'wp-idea-stream'), $actions[0]);
break;
}
// Does the group support categories ?
if ($actions[0] == wp_idea_stream_category_get_slug() && !self::group_get_option(bp_get_current_group_id(), '_group_ideastream_categories', true)) {
$message = sprintf(__('This group does not support the %s feature.', 'wp-idea-stream'), $actions[0]);
break;
}
// Using tag as default, as category can be disabled from group settings.
if ($actions[0] == wp_idea_stream_tag_get_slug()) {
$this->group_ideastream->current_taxonomy = wp_idea_stream_get_tag();
// Set tag as a query var.
set_query_var(wp_idea_stream_get_tag(), $actions[1]);
} else {
if ($actions[0] == wp_idea_stream_category_get_slug()) {
$this->group_ideastream->current_taxonomy = wp_idea_stream_get_category();
// Set category as a query var.
set_query_var(wp_idea_stream_get_category(), $actions[1]);
}
}
// Try to get the term with its slug
$this->group_ideastream->current_term = get_term_by('slug', $actions[1], $this->group_ideastream->current_taxonomy);
if (!empty($this->group_ideastream->current_term)) {
$this->group_ideastream->is_action = $actions[0];
$this->group_ideastream->context = 'taxonomy';
// Set the current term
wp_idea_stream_set_idea_var('current_term', $this->group_ideastream->current_term);
} else {
$message = sprintf(__('The %s was not found', 'wp-idea-stream'), $actions[0]);
break;
}
break;
default:
$this->group_ideastream->is_action = 'archive';
$this->group_ideastream->context = 'archive';
break;
}
// Set pagination for taxonomy & archive page
if (!empty($this->group_ideastream->context) && in_array($this->group_ideastream->context, array('taxonomy', 'archive'))) {
$possible_page_number = array($actions[0]);
if (!empty($actions[2])) {
$possible_page_number = array_merge($possible_page_number, array($actions[2]));
}
if (in_array(wp_idea_stream_paged_slug(), $possible_page_number)) {
if (is_numeric($actions[1])) {
$this->group_ideastream->is_paged = absint($actions[1]);
} else {
if (is_numeric($actions[3])) {
$this->group_ideastream->is_paged = absint($actions[3]);
} else {
$this->group_ideastream->is_paged = 0;
}
}
}
}
if (!empty($message)) {
wp_idea_stream_add_message(array('type' => 'error', 'content' => $message));
bp_core_redirect($this->group_ideas_archive_url(groups_get_current_group(), true));
}
/**
* Redirect to a 404 if needed
*
* It's the case when trying to see an idea attached to an hidden group while the user
* is not a member of this group.
*/
} else {
if (bp_is_current_component('groups') && bp_is_current_action(wp_idea_stream_root_slug()) && bp_current_item()) {
bp_do_404();
return;
}
}
}
/**
* Handles the uploading and cropping of a user avatar. Displays the change avatar page.
*
* @package BuddyPress XProfile
* @uses bp_is_my_profile() Checks to make sure the current user being viewed equals the logged in user
* @uses bp_core_load_template() Looks for and loads a template file within the current member theme (folder/filename)
*/
function xprofile_screen_change_avatar()
{
global $bp;
if (!bp_is_my_profile() && !is_super_admin()) {
return false;
}
if (bp_action_variables()) {
bp_do_404();
return;
}
$bp->avatar_admin->step = 'upload-image';
if (!empty($_FILES)) {
// Check the nonce
check_admin_referer('bp_avatar_upload');
// Pass the file to the avatar upload handler
if (bp_core_avatar_handle_upload($_FILES, 'xprofile_avatar_upload_dir')) {
$bp->avatar_admin->step = 'crop-image';
// Make sure we include the jQuery jCrop file for image cropping
add_action('nxt_print_scripts', 'bp_core_add_jquery_cropper');
}
}
// If the image cropping is done, crop the image and save a full/thumb version
if (isset($_POST['avatar-crop-submit'])) {
// Check the nonce
check_admin_referer('bp_avatar_cropstore');
if (!bp_core_avatar_handle_crop(array('item_id' => $bp->displayed_user->id, 'original_file' => $_POST['image_src'], 'crop_x' => $_POST['x'], 'crop_y' => $_POST['y'], 'crop_w' => $_POST['w'], 'crop_h' => $_POST['h']))) {
bp_core_add_message(__('There was a problem cropping your avatar, please try uploading it again', 'buddypress'), 'error');
} else {
bp_core_add_message(__('Your new avatar was uploaded successfully!', 'buddypress'));
do_action('xprofile_avatar_uploaded');
}
}
do_action('xprofile_screen_change_avatar');
bp_core_load_template(apply_filters('xprofile_template_change_avatar', 'members/single/home'));
}
/**
* Reset the logged-in user's new mentions data when he visits his mentions screen
*
* @since BuddyPress (1.2)
*
* @global object $bp BuddyPress global settings
* @uses bp_is_activity_component()
* @uses bp_activity_get_specific()
* @uses bp_current_action()
* @uses bp_action_variables()
* @uses bp_do_404()
* @uses bp_is_active()
* @uses groups_get_group()
* @uses groups_is_user_member()
* @uses apply_filters_ref_array() To call the 'bp_activity_permalink_access' hook
* @uses do_action() To call the 'bp_activity_screen_single_activity_permalink' hook
* @uses bp_core_add_message()
* @uses is_user_logged_in()
* @uses bp_core_redirect()
* @uses site_url()
* @uses esc_url()
* @uses bp_get_root_domain()
* @uses bp_get_activity_root_slug()
* @uses bp_core_load_template()
* @uses apply_filters() To call the 'bp_activity_template_profile_activity_permalink' hook
*/
function bp_activity_screen_single_activity_permalink()
{
global $bp;
// No displayed user or not viewing activity component
if (!bp_is_activity_component()) {
return false;
}
if (!bp_current_action() || !is_numeric(bp_current_action())) {
return false;
}
// Get the activity details
$activity = bp_activity_get_specific(array('activity_ids' => bp_current_action(), 'show_hidden' => true, 'spam' => 'ham_only'));
// 404 if activity does not exist
if (empty($activity['activities'][0]) || bp_action_variables()) {
bp_do_404();
return;
} else {
$activity = $activity['activities'][0];
}
// Default access is true
$has_access = true;
// If activity is from a group, do an extra cap check
if (isset($bp->groups->id) && $activity->component == $bp->groups->id) {
// Activity is from a group, but groups is currently disabled
if (!bp_is_active('groups')) {
bp_do_404();
return;
}
// Check to see if the group is not public, if so, check the
// user has access to see this activity
if ($group = groups_get_group(array('group_id' => $activity->item_id))) {
// Group is not public
if ('public' != $group->status) {
// User is not a member of group
if (!groups_is_user_member(bp_loggedin_user_id(), $group->id)) {
$has_access = false;
}
}
}
}
// Allow access to be filtered
$has_access = apply_filters_ref_array('bp_activity_permalink_access', array($has_access, &$activity));
// Allow additional code execution
do_action('bp_activity_screen_single_activity_permalink', $activity, $has_access);
// Access is specifically disallowed
if (false === $has_access) {
// User feedback
bp_core_add_message(__('You do not have access to this activity.', 'buddypress'), 'error');
// Redirect based on logged in status
is_user_logged_in() ? bp_core_redirect(bp_loggedin_user_domain()) : bp_core_redirect(site_url('wp-login.php?redirect_to=' . esc_url(bp_get_root_domain() . '/' . bp_get_activity_root_slug() . '/p/' . bp_current_action() . '/')));
}
bp_core_load_template(apply_filters('bp_activity_template_profile_activity_permalink', 'members/single/activity/permalink'));
}
/**
* Output the forums for a group in the edit screens
*
* As of right now, bbPress only supports 1-to-1 group forum relationships.
* In the future, many-to-many should be allowed.
*
* @since bbPress (r3653)
* @uses bp_get_current_group_id()
* @uses bbp_get_group_forum_ids()
* @uses bbp_has_forums()
* @uses bbp_get_template_part()
*/
public function display_forums($offset = 0)
{
global $wp_query;
// Allow actions immediately before group forum output
do_action('bbp_before_group_forum_display');
// Load up bbPress once
$bbp = bbpress();
/** Query Resets ******************************************************/
// Forum data
$forum_action = bp_action_variable($offset);
$forum_ids = bbp_get_group_forum_ids(bp_get_current_group_id());
$forum_id = array_shift($forum_ids);
// Always load up the group forum
bbp_has_forums(array('p' => $forum_id, 'post_parent' => null));
// Set the global forum ID
$bbp->current_forum_id = $forum_id;
// Assume forum query
bbp_set_query_name('bbp_single_forum');
?>
<div id="bbpress-forums">
<?php
switch ($forum_action) {
/** Single Forum **********************************************/
case false:
case 'page':
// Strip the super stickies from topic query
add_filter('bbp_get_super_stickies', array($this, 'no_super_stickies'), 10, 1);
// Unset the super sticky option on topic form
add_filter('bbp_get_topic_types', array($this, 'unset_super_sticky'), 10, 1);
// Query forums and show them if they exist
if (bbp_forums()) {
// Setup the forum
bbp_the_forum();
?>
<h3><?php
bbp_forum_title();
?>
</h3>
<?php
bbp_get_template_part('content', 'single-forum');
// No forums found
} else {
?>
<div id="message" class="info">
<p><?php
esc_html_e('This group does not currently have a forum.', 'bbpress');
?>
</p>
</div>
<?php
}
break;
/** Single Topic **********************************************/
/** Single Topic **********************************************/
case $this->topic_slug:
// hide the 'to front' admin links
add_filter('bbp_get_topic_stick_link', array($this, 'hide_super_sticky_admin_link'), 10, 2);
// Get the topic
bbp_has_topics(array('name' => bp_action_variable($offset + 1), 'posts_per_page' => 1, 'show_stickies' => false));
// If no topic, 404
if (!bbp_topics()) {
bp_do_404(bbp_get_forum_permalink($forum_id));
?>
<h3><?php
bbp_forum_title();
?>
</h3>
<?php
bbp_get_template_part('feedback', 'no-topics');
return;
}
// Setup the topic
bbp_the_topic();
?>
<h3><?php
bbp_topic_title();
?>
</h3>
<?php
// Topic edit
if (bp_action_variable($offset + 2) === bbp_get_edit_rewrite_id()) {
// Unset the super sticky link on edit topic template
add_filter('bbp_get_topic_types', array($this, 'unset_super_sticky'), 10, 1);
// Set the edit switches
$wp_query->bbp_is_edit = true;
$wp_query->bbp_is_topic_edit = true;
// Setup the global forum ID
$bbp->current_topic_id = get_the_ID();
// Merge
if (!empty($_GET['action']) && 'merge' === $_GET['action']) {
bbp_set_query_name('bbp_topic_merge');
bbp_get_template_part('form', 'topic-merge');
// Split
} elseif (!empty($_GET['action']) && 'split' === $_GET['action']) {
bbp_set_query_name('bbp_topic_split');
bbp_get_template_part('form', 'topic-split');
// Edit
} else {
bbp_set_query_name('bbp_topic_form');
bbp_get_template_part('form', 'topic');
}
// Single Topic
} else {
bbp_set_query_name('bbp_single_topic');
bbp_get_template_part('content', 'single-topic');
}
break;
/** Single Reply **********************************************/
/** Single Reply **********************************************/
case $this->reply_slug:
// Get the reply
bbp_has_replies(array('name' => bp_action_variable($offset + 1), 'posts_per_page' => 1));
// If no topic, 404
if (!bbp_replies()) {
bp_do_404(bbp_get_forum_permalink($forum_id));
?>
<h3><?php
bbp_forum_title();
?>
</h3>
<?php
bbp_get_template_part('feedback', 'no-replies');
return;
}
// Setup the reply
bbp_the_reply();
?>
<h3><?php
bbp_reply_title();
?>
</h3>
<?php
if (bp_action_variable($offset + 2) === bbp_get_edit_rewrite_id()) {
// Set the edit switches
$wp_query->bbp_is_edit = true;
$wp_query->bbp_is_reply_edit = true;
// Setup the global reply ID
$bbp->current_reply_id = get_the_ID();
// Move
if (!empty($_GET['action']) && 'move' === $_GET['action']) {
bbp_set_query_name('bbp_reply_move');
bbp_get_template_part('form', 'reply-move');
// Edit
} else {
bbp_set_query_name('bbp_reply_form');
bbp_get_template_part('form', 'reply');
}
}
break;
}
// Reset the query
wp_reset_query();
?>
</div>
<?php
// Allow actions immediately after group forum output
do_action('bbp_after_group_forum_display');
}
/**
* Setup globals
*
* The BP_GROUPS_SLUG constant is deprecated, and only used here for
* backwards compatibility.
*
* @since BuddyPress (1.5)
* @global BuddyPress $bp The one true BuddyPress instance
*/
function setup_globals()
{
global $bp;
// Define a slug, if necessary
if (!defined('BP_GROUPS_SLUG')) {
define('BP_GROUPS_SLUG', $this->id);
}
// Global tables for messaging component
$global_tables = array('table_name' => $bp->table_prefix . 'bp_groups', 'table_name_members' => $bp->table_prefix . 'bp_groups_members', 'table_name_groupmeta' => $bp->table_prefix . 'bp_groups_groupmeta');
// All globals for messaging component.
// Note that global_tables is included in this array.
$globals = array('slug' => BP_GROUPS_SLUG, 'root_slug' => isset($bp->pages->groups->slug) ? $bp->pages->groups->slug : BP_GROUPS_SLUG, 'has_directory' => true, 'notification_callback' => 'groups_format_notifications', 'search_string' => __('Search Groups...', 'buddypress'), 'global_tables' => $global_tables);
parent::setup_globals($globals);
/** Single Group Globals **********************************************/
// Are we viewing a single group?
if (bp_is_groups_component() && ($group_id = BP_Groups_Group::group_exists(bp_current_action()))) {
$bp->is_single_item = true;
$current_group_class = apply_filters('bp_groups_current_group_class', 'BP_Groups_Group');
$this->current_group = apply_filters('bp_groups_current_group_object', new $current_group_class($group_id));
// When in a single group, the first action is bumped down one because of the
// group name, so we need to adjust this and set the group name to current_item.
$bp->current_item = bp_current_action();
$bp->current_action = bp_action_variable(0);
array_shift($bp->action_variables);
// Using "item" not "group" for generic support in other components.
if (bp_current_user_can('bp_moderate')) {
bp_update_is_item_admin(true, 'groups');
} else {
bp_update_is_item_admin(groups_is_user_admin(bp_loggedin_user_id(), $this->current_group->id), 'groups');
}
// If the user is not an admin, check if they are a moderator
if (!bp_is_item_admin()) {
bp_update_is_item_mod(groups_is_user_mod(bp_loggedin_user_id(), $this->current_group->id), 'groups');
}
// Is the logged in user a member of the group?
if (is_user_logged_in() && groups_is_user_member(bp_loggedin_user_id(), $this->current_group->id)) {
$this->current_group->is_user_member = true;
} else {
$this->current_group->is_user_member = false;
}
// Should this group be visible to the logged in user?
if ('public' == $this->current_group->status || $this->current_group->is_user_member) {
$this->current_group->is_visible = true;
} else {
$this->current_group->is_visible = false;
}
// If this is a private or hidden group, does the user have access?
if ('private' == $this->current_group->status || 'hidden' == $this->current_group->status) {
if ($this->current_group->is_user_member && is_user_logged_in() || bp_current_user_can('bp_moderate')) {
$this->current_group->user_has_access = true;
} else {
$this->current_group->user_has_access = false;
}
} else {
$this->current_group->user_has_access = true;
}
// Set current_group to 0 to prevent debug errors
} else {
$this->current_group = 0;
}
// Illegal group names/slugs
$this->forbidden_names = apply_filters('groups_forbidden_names', array('my-groups', 'create', 'invites', 'send-invites', 'forum', 'delete', 'add', 'admin', 'request-membership', 'members', 'settings', 'avatar', $this->slug, $this->root_slug));
// If the user was attempting to access a group, but no group by that name was found, 404
if (bp_is_groups_component() && empty($this->current_group) && bp_current_action() && !in_array(bp_current_action(), $this->forbidden_names)) {
bp_do_404();
return;
}
if (bp_is_groups_component() && !empty($this->current_group)) {
$this->default_extension = apply_filters('bp_groups_default_extension', defined('BP_GROUPS_DEFAULT_EXTENSION') ? BP_GROUPS_DEFAULT_EXTENSION : 'home');
if (!bp_current_action()) {
$bp->current_action = $this->default_extension;
}
// Prepare for a redirect to the canonical URL
$bp->canonical_stack['base_url'] = bp_get_group_permalink($this->current_group);
if (bp_current_action()) {
$bp->canonical_stack['action'] = bp_current_action();
}
if (!empty($bp->action_variables)) {
$bp->canonical_stack['action_variables'] = bp_action_variables();
}
// When viewing the default extension, the canonical URL should not have
// that extension's slug, unless more has been tacked onto the URL via
// action variables
if (bp_is_current_action($this->default_extension) && empty($bp->action_variables)) {
unset($bp->canonical_stack['action']);
}
}
// Group access control
if (bp_is_groups_component() && !empty($this->current_group)) {
if (!$this->current_group->user_has_access) {
// Hidden groups should return a 404 for non-members.
// Unset the current group so that you're not redirected
// to the default group tab
if ('hidden' == $this->current_group->status) {
$this->current_group = 0;
$bp->is_single_item = false;
bp_do_404();
return;
// Skip the no_access check on home and membership request pages
} elseif (!bp_is_current_action('home') && !bp_is_current_action('request-membership')) {
// Off-limits to this user. Throw an error and redirect to the group's home page
if (is_user_logged_in()) {
bp_core_no_access(array('message' => __('You do not have access to this group.', 'buddypress'), 'root' => bp_get_group_permalink($bp->groups->current_group), 'redirect' => false));
// User does not have access, and does not get a message
} else {
bp_core_no_access();
}
}
}
// Protect the admin tab from non-admins
if (bp_is_current_action('admin') && !bp_is_item_admin()) {
bp_core_no_access(array('message' => __('You are not an admin of this group.', 'buddypress'), 'root' => bp_get_group_permalink($bp->groups->current_group), 'redirect' => false));
}
}
// Preconfigured group creation steps
$this->group_creation_steps = apply_filters('groups_create_group_steps', array('group-details' => array('name' => __('Details', 'buddypress'), 'position' => 0), 'group-settings' => array('name' => __('Settings', 'buddypress'), 'position' => 10)));
// If avatar uploads are not disabled, add avatar option
if (!(int) bp_get_option('bp-disable-avatar-uploads')) {
$this->group_creation_steps['group-avatar'] = array('name' => __('Avatar', 'buddypress'), 'position' => 20);
}
// If friends component is active, add invitations
if (bp_is_active('friends')) {
$this->group_creation_steps['group-invites'] = array('name' => __('Invites', 'buddypress'), 'position' => 30);
}
// Groups statuses
$this->valid_status = apply_filters('groups_valid_status', array('public', 'private', 'hidden'));
// Auto join group when non group member performs group activity
$this->auto_join = defined('BP_DISABLE_AUTO_GROUP_JOIN') && BP_DISABLE_AUTO_GROUP_JOIN ? false : true;
}
/**
* Handle the display of a group's Send Invites page.
*/
function groups_screen_group_invite()
{
if (!bp_is_single_item()) {
return false;
}
$bp = buddypress();
if (bp_is_action_variable('send', 0)) {
if (!check_admin_referer('groups_send_invites', '_wpnonce_send_invites')) {
return false;
}
if (!empty($_POST['friends'])) {
foreach ((array) $_POST['friends'] as $friend) {
groups_invite_user(array('user_id' => $friend, 'group_id' => $bp->groups->current_group->id));
}
}
// Send the invites.
groups_send_invites(bp_loggedin_user_id(), $bp->groups->current_group->id);
bp_core_add_message(__('Group invites sent.', 'buddypress'));
/**
* Fires after the sending of a group invite inside the group's Send Invites page.
*
* @since 1.0.0
*
* @param int $id ID of the group whose members are being displayed.
*/
do_action('groups_screen_group_invite', $bp->groups->current_group->id);
bp_core_redirect(bp_get_group_permalink($bp->groups->current_group));
} elseif (!bp_action_variable(0)) {
/**
* Filters the template to load for a group's Send Invites page.
*
* @since 1.0.0
*
* @param string $value Path to a group's Send Invites template.
*/
bp_core_load_template(apply_filters('groups_template_group_invite', 'groups/single/home'));
} else {
bp_do_404();
}
}
function messages_screen_notification_settings()
{
global $bp;
if (bp_action_variables()) {
bp_do_404();
return;
}
if (!($new_messages = bp_get_user_meta($bp->displayed_user->id, 'notification_messages_new_message', true))) {
$new_messages = 'yes';
}
if (!($new_notices = bp_get_user_meta($bp->displayed_user->id, 'notification_messages_new_notice', true))) {
$new_notices = 'yes';
}
?>
<table class="notification-settings" id="messages-notification-settings">
<thead>
<tr>
<th class="icon"></th>
<th class="title"><?php
_e('Messages', 'buddypress');
?>
</th>
<th class="yes"><?php
_e('Yes', 'buddypress');
?>
</th>
<th class="no"><?php
_e('No', 'buddypress');
?>
</th>
</tr>
</thead>
<tbody>
<tr id="messages-notification-settings-new-message">
<td></td>
<td><?php
_e('A member sends you a new message', 'buddypress');
?>
</td>
<td class="yes"><input type="radio" name="notifications[notification_messages_new_message]" value="yes" <?php
checked($new_messages, 'yes', true);
?>
/></td>
<td class="no"><input type="radio" name="notifications[notification_messages_new_message]" value="no" <?php
checked($new_messages, 'no', true);
?>
/></td>
</tr>
<tr id="messages-notification-settings-new-site-notice">
<td></td>
<td><?php
_e('A new site notice is posted', 'buddypress');
?>
</td>
<td class="yes"><input type="radio" name="notifications[notification_messages_new_notice]" value="yes" <?php
checked($new_notices, 'yes', true);
?>
/></td>
<td class="no"><input type="radio" name="notifications[notification_messages_new_notice]" value="no" <?php
checked($new_notices, 'no', true);
?>
/></td>
</tr>
<?php
do_action('messages_screen_notification_settings');
?>
</tbody>
</table>
<?php
}
/**
* Load the page for a single activity item.
*
* @since 1.2.0
*
* @uses bp_is_activity_component()
* @uses bp_activity_get_specific()
* @uses bp_current_action()
* @uses bp_action_variables()
* @uses bp_do_404()
* @uses bp_is_active()
* @uses groups_get_group()
* @uses groups_is_user_member()
* @uses apply_filters_ref_array() To call the 'bp_activity_permalink_access' hook.
* @uses do_action() To call the 'bp_activity_screen_single_activity_permalink' hook.
* @uses bp_core_add_message()
* @uses is_user_logged_in()
* @uses bp_core_redirect()
* @uses site_url()
* @uses esc_url()
* @uses bp_get_root_domain()
* @uses bp_get_activity_root_slug()
* @uses bp_core_load_template()
* @uses apply_filters() To call the 'bp_activity_template_profile_activity_permalink' hook.
*/
function bp_activity_screen_single_activity_permalink()
{
$bp = buddypress();
// No displayed user or not viewing activity component.
if (!bp_is_activity_component()) {
return false;
}
if (!bp_current_action() || !is_numeric(bp_current_action())) {
return false;
}
// Get the activity details.
$activity = bp_activity_get_specific(array('activity_ids' => bp_current_action(), 'show_hidden' => true, 'spam' => 'ham_only'));
// 404 if activity does not exist
if (empty($activity['activities'][0]) || bp_action_variables()) {
bp_do_404();
return;
} else {
$activity = $activity['activities'][0];
}
// Default access is true.
$has_access = true;
// If activity is from a group, do an extra cap check.
if (isset($bp->groups->id) && $activity->component == $bp->groups->id) {
// Activity is from a group, but groups is currently disabled.
if (!bp_is_active('groups')) {
bp_do_404();
return;
}
// Check to see if the group is not public, if so, check the
// user has access to see this activity.
if ($group = groups_get_group(array('group_id' => $activity->item_id))) {
// Group is not public.
if ('public' != $group->status) {
// User is not a member of group.
if (!groups_is_user_member(bp_loggedin_user_id(), $group->id)) {
$has_access = false;
}
}
}
}
/**
* Filters the access permission for a single activity view.
*
* @since 1.2.0
*
* @param array $access Array holding the current $has_access value and current activity item instance.
*/
$has_access = apply_filters_ref_array('bp_activity_permalink_access', array($has_access, &$activity));
/**
* Fires before the loading of a single activity template file.
*
* @since 1.2.0
*
* @param BP_Activity_Activity $activity Object representing the current activity item being displayed.
* @param bool $has_access Whether or not the current user has access to view activity.
*/
do_action('bp_activity_screen_single_activity_permalink', $activity, $has_access);
// Access is specifically disallowed.
if (false === $has_access) {
// User feedback.
bp_core_add_message(__('You do not have access to this activity.', 'buddypress'), 'error');
// Redirect based on logged in status.
if (is_user_logged_in()) {
$url = bp_loggedin_user_domain();
} else {
$url = sprintf(site_url('wp-login.php?redirect_to=%s'), urlencode(esc_url_raw(bp_activity_get_permalink((int) bp_current_action()))));
}
bp_core_redirect($url);
}
/**
* Filters the template to load for a single activity screen.
*
* @since 1.0.0
*
* @param string $template Path to the activity template to load.
*/
bp_core_load_template(apply_filters('bp_activity_template_profile_activity_permalink', 'members/single/activity/permalink'));
}
/**
* Handle the display of a group's Send Invites page.
*/
function groups_screen_group_invite()
{
if (!bp_is_single_item()) {
return false;
}
$bp = buddypress();
if (bp_is_action_variable('send', 0)) {
if (!check_admin_referer('groups_send_invites', '_wpnonce_send_invites')) {
return false;
}
if (!empty($_POST['friends'])) {
foreach ((array) $_POST['friends'] as $friend) {
groups_invite_user(array('user_id' => $friend, 'group_id' => $bp->groups->current_group->id));
}
}
// Send the invites.
groups_send_invites(bp_loggedin_user_id(), $bp->groups->current_group->id);
bp_core_add_message(__('Group invites sent.', 'buddypress'));
do_action('groups_screen_group_invite', $bp->groups->current_group->id);
bp_core_redirect(bp_get_group_permalink($bp->groups->current_group));
} elseif (!bp_action_variable(0)) {
// Show send invite page
bp_core_load_template(apply_filters('groups_template_group_invite', 'groups/single/home'));
} else {
bp_do_404();
}
}
/** Delete Account ************************************************************/
function bp_core_screen_delete_account()
{
global $bp;
if (bp_action_variables()) {
bp_do_404();
return;
}
if (isset($_POST['delete-account-understand'])) {
// Nonce check
check_admin_referer('delete-account');
// delete the users account
if (bp_core_delete_account($bp->displayed_user->id)) {
bp_core_redirect(home_url());
}
}
// Load the template
bp_core_load_template(apply_filters('bp_core_screen_delete_account', 'members/single/settings/delete-account'));
}
/**
* Catches a reshare to delete if js is disabled
*
* @package BP Reshare
* @since 1.0
*
* @uses bp_is_activity_component() are we in activity component
* @uses bp_is_current_action() to check current action
* @uses buddyreshare_get_component_slug() to get component slug
* @uses bp_action_variable() to check the variables
* @uses check_admin_referer() for security reasons
* @uses bp_activity_get_specific() to fetch the activity to delete
* @uses bp_do_404() to eventually send the user on a 404
* @uses bp_core_get_user_domain() to build user's url
* @uses bp_get_activity_slug() to get activity slug
* @uses buddyreshare_reset_metas() to reset some metas for the parent activity
* @uses bp_core_add_message() to print a warning message
* @uses bp_core_redirect() to safely redirect user
* @uses bp_activity_delete() to delete the reshare
*/
function buddyreshare_remove_reshare()
{
// Not deleting a reshare
if (!bp_is_activity_component() || !bp_is_current_action(buddyreshare_get_component_slug())) {
return false;
}
// No reshare to delete
if (!bp_action_variable(0) || bp_action_variable(0) != 'delete' || !bp_action_variable(1) || !is_numeric(bp_action_variable(1))) {
return false;
}
$reshare_id = bp_action_variable(1);
check_admin_referer('buddyreshare_delete');
// Get the activity details
$activity = bp_activity_get_specific(array('activity_ids' => bp_action_variable(1), 'show_hidden' => true));
// 404 if activity does not exist
if (empty($activity['activities'][0])) {
bp_do_404();
return;
} else {
$reshare = $activity['activities'][0];
}
// redirecting to user's profile
$redirect = bp_core_get_user_domain($reshare->user_id, $reshare->user_nicename, $reshare->user_login) . bp_get_activity_slug() . '/';
$reset = buddyreshare_reset_metas($reshare->secondary_item_id, $reshare->user_id);
if (empty($reset)) {
bp_core_add_message(__('Unable to reset the properties of the reshared activity', 'bp-reshare'), 'error');
bp_core_redirect($redirect);
}
$deleted_reshare = bp_activity_delete(array('type' => 'reshare_update', 'id' => $reshare_id));
if (!empty($deleted_reshare)) {
do_action('buddyreshare_reshare_deleted', $reshare_id);
bp_core_add_message(__('Reshare deleted !', 'bp-reshare'));
bp_core_redirect($redirect);
} else {
do_action('buddyreshare_reshare_deleted_error', $reshare_id);
bp_core_add_message(__('OOps, error while trying to reshare..', 'bp-reshare'), 'error');
bp_core_redirect($redirect);
}
}
/**
* Handles the deleting of a user
*/
function bp_settings_action_delete_account()
{
// Bail if not a POST action
if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) {
return;
}
// Bail if no submit action
if (!isset($_POST['delete-account-understand'])) {
return;
}
// Bail if not in settings
if (!bp_is_settings_component() || !bp_is_current_action('delete-account')) {
return false;
}
// 404 if there are any additional action variables attached
if (bp_action_variables()) {
bp_do_404();
return;
}
// Bail if account deletion is disabled
if (bp_disable_account_deletion() && !bp_current_user_can('delete_users')) {
return false;
}
// Nonce check
check_admin_referer('delete-account');
// Get username now because it might be gone soon!
$username = bp_get_displayed_user_fullname();
// delete the users account
if (bp_core_delete_account(bp_displayed_user_id())) {
// Add feedback ater deleting a user
bp_core_add_message(sprintf(__('%s was successfully deleted.', 'buddypress'), $username), 'success');
// Redirect to the root domain
bp_core_redirect(bp_get_root_domain());
}
}
/**
* Render the markup for the Messages section of Settings > Notifications.
*
* @since BuddyPress (1.0.0)
*/
function messages_screen_notification_settings()
{
if (bp_action_variables()) {
bp_do_404();
return;
}
if (!($new_messages = bp_get_user_meta(bp_displayed_user_id(), 'notification_messages_new_message', true))) {
$new_messages = 'yes';
}
?>
<table class="notification-settings" id="messages-notification-settings">
<thead>
<tr>
<th class="icon"></th>
<th class="title"><?php
_e('Messages', 'buddypress');
?>
</th>
<th class="yes"><?php
_e('Yes', 'buddypress');
?>
</th>
<th class="no"><?php
_e('No', 'buddypress');
?>
</th>
</tr>
</thead>
<tbody>
<tr id="messages-notification-settings-new-message">
<td></td>
<td><?php
_e('A member sends you a new message', 'buddypress');
?>
</td>
<td class="yes"><input type="radio" name="notifications[notification_messages_new_message]" value="yes" <?php
checked($new_messages, 'yes', true);
?>
/></td>
<td class="no"><input type="radio" name="notifications[notification_messages_new_message]" value="no" <?php
checked($new_messages, 'no', true);
?>
/></td>
</tr>
<?php
/**
* Fires inside the closing </tbody> tag for messages screen notification settings.
*
* @since BuddyPress (1.0.0)
*/
do_action('messages_screen_notification_settings');
?>
</tbody>
</table>
<?php
}
