Ejemplo n.º 1
/**
 * Handles the front end edit topic submission
 *
 * @param string $action The requested action to compare this function to
 * @uses bbp_add_error() To add an error message
 * @uses bbp_get_topic() To get the topic
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses bbp_is_topic_anonymous() To check if topic is by an anonymous user
 * @uses current_user_can() To check if the current user can edit the topic
 * @uses bbp_filter_anonymous_post_data() To filter anonymous data
 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
 * @uses esc_attr() For sanitization
 * @uses bbp_is_forum_category() To check if the forum is a category
 * @uses bbp_is_forum_closed() To check if the forum is closed
 * @uses bbp_is_forum_private() To check if the forum is private
 * @uses remove_filter() To remove kses filters if needed
 * @uses apply_filters() Calls 'bbp_edit_topic_pre_title' with the title and
 *                        topic id
 * @uses apply_filters() Calls 'bbp_edit_topic_pre_content' with the content
 *                        and topic id
 * @uses bbPress::errors::get_error_codes() To get the {@link WP_Error} errors
 * @uses wp_save_post_revision() To save a topic revision
 * @uses bbp_update_topic_revision_log() To update the topic revision log
 * @uses bbp_stick_topic() To stick or super stick the topic
 * @uses bbp_unstick_topic() To unstick the topic
 * @uses wp_update_post() To update the topic
 * @uses do_action() Calls 'bbp_edit_topic' with the topic id, forum id,
 *                    anonymous data, topic author and bool true (for edit)
 * @uses bbp_move_topic_handler() To handle movement of a topic from one forum
 *                                 to another
 * @uses bbp_get_topic_permalink() To get the topic permalink
 * @uses wp_safe_redirect() To redirect to the topic link
 * @uses bbPress::errors::get_error_messages() To get the {@link WP_Error} error
 *                                              messages
 */
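function bbp_edit_topic_handler($action = '')
{
    // Validates a front-end "edit topic" POST (topic id, permission, nonce,
    // target forum, title, content, blacklist/moderation, status, tags), then
    // saves it with wp_update_post() and redirects. Problems are recorded with
    // bbp_add_error(); the save is skipped when bbp_has_errors() reports any.

    // Bail if action is not bbp-edit-topic
    if ('bbp-edit-topic' !== $action) {
        return;
    }

    // Define local variable(s)
    $revisions_removed = false;
    $topic = $topic_id = $topic_author = $forum_id = $anonymous_data = 0;
    $topic_title = $topic_content = $topic_edit_reason = '';

    /** Topic *****************************************************************/

    // Topic id was not passed
    if (empty($_POST['bbp_topic_id'])) {
        bbp_add_error('bbp_edit_topic_id', __('<strong>ERROR</strong>: Topic ID not found.', 'bbpress'));
        return;

    // Topic id was passed
    } elseif (is_numeric($_POST['bbp_topic_id'])) {
        $topic_id = (int) $_POST['bbp_topic_id'];
        $topic = bbp_get_topic($topic_id);
    }

    // Topic does not exist (a non-numeric id leaves $topic at 0 and lands here too)
    if (empty($topic)) {
        bbp_add_error('bbp_edit_topic_not_found', __('<strong>ERROR</strong>: The topic you want to edit was not found.', 'bbpress'));
        return;
    }

    // Check the user's ability to edit this topic
    if (!bbp_is_topic_anonymous($topic_id)) {
        // User cannot edit this topic: stop here instead of running the rest
        // of the handler (filters, pre-save hooks) for an unauthorized request,
        // as the forum and reply edit handlers do.
        if (!current_user_can('edit_topic', $topic_id)) {
            bbp_add_error('bbp_edit_topic_permissions', __('<strong>ERROR</strong>: You do not have permission to edit that topic.', 'bbpress'));
            return;
        }

        // Set topic author
        $topic_author = bbp_get_topic_author_id($topic_id);

    // It is an anonymous post
    } else {
        // NOTE(review): no capability check is made on this branch, so the
        // nonce below is the only gate for topics flagged as anonymous.
        // Confirm the edit form/nonce is only issued to permitted users.
        $anonymous_data = bbp_filter_anonymous_post_data(array(), true);
    }

    // Nonce check
    if (!bbp_verify_nonce_request('bbp-edit-topic_' . $topic_id)) {
        bbp_add_error('bbp_edit_topic_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }

    // Remove kses filters from title and content for capable users and if the nonce is verified.
    // NOTE(review): this compares against a freshly created nonce with ===;
    // wp_verify_nonce() is the usual API for checking a submitted nonce.
    if (current_user_can('unfiltered_html') && !empty($_POST['_bbp_unfiltered_html_topic']) && wp_create_nonce('bbp-unfiltered-html-topic_' . $topic_id) === $_POST['_bbp_unfiltered_html_topic']) {
        remove_filter('bbp_edit_topic_pre_title', 'wp_filter_kses');
        remove_filter('bbp_edit_topic_pre_content', 'bbp_encode_bad', 10);
        remove_filter('bbp_edit_topic_pre_content', 'bbp_filter_kses', 30);
    }

    /** Topic Forum ***********************************************************/

    // Forum id was not passed
    if (empty($_POST['bbp_forum_id'])) {
        bbp_add_error('bbp_topic_forum_id', __('<strong>ERROR</strong>: Forum ID is missing.', 'bbpress'));

    // Forum id was passed
    } elseif (is_numeric($_POST['bbp_forum_id'])) {
        $forum_id = (int) $_POST['bbp_forum_id'];

    // Forum id was passed but is not numeric. Without this branch $forum_id
    // stayed 0 with no error, and the topic was saved with post_parent 0.
    } else {
        bbp_add_error('bbp_topic_forum_id', __('<strong>ERROR</strong>: Forum ID is missing.', 'bbpress'));
    }

    // Current forum this topic is in
    $current_forum_id = bbp_get_topic_forum_id($topic_id);

    // Only re-check the target forum when the topic is being moved
    if (!empty($forum_id) && $forum_id !== $current_forum_id) {
        // Forum is a category
        if (bbp_is_forum_category($forum_id)) {
            bbp_add_error('bbp_edit_topic_forum_category', __('<strong>ERROR</strong>: This forum is a category. No topics can be created in it.', 'bbpress'));

        // Forum is not a category
        } else {
            // Forum is closed and user cannot access
            if (bbp_is_forum_closed($forum_id) && !current_user_can('edit_forum', $forum_id)) {
                bbp_add_error('bbp_edit_topic_forum_closed', __('<strong>ERROR</strong>: This forum has been closed to new topics.', 'bbpress'));
            }

            // Forum is private and user cannot access
            if (bbp_is_forum_private($forum_id)) {
                if (!current_user_can('read_private_forums')) {
                    bbp_add_error('bbp_edit_topic_forum_private', __('<strong>ERROR</strong>: This forum is private and you do not have the capability to read or create new topics in it.', 'bbpress'));
                }

            // Forum is hidden and user cannot access
            } elseif (bbp_is_forum_hidden($forum_id)) {
                if (!current_user_can('read_hidden_forums')) {
                    bbp_add_error('bbp_edit_topic_forum_hidden', __('<strong>ERROR</strong>: This forum is hidden and you do not have the capability to read or create new topics in it.', 'bbpress'));
                }
            }
        }
    }

    /** Topic Title ***********************************************************/

    if (!empty($_POST['bbp_topic_title'])) {
        $topic_title = esc_attr(strip_tags($_POST['bbp_topic_title']));
    }

    // Filter and sanitize
    $topic_title = apply_filters('bbp_edit_topic_pre_title', $topic_title, $topic_id);

    // No topic title
    if (empty($topic_title)) {
        bbp_add_error('bbp_edit_topic_title', __('<strong>ERROR</strong>: Your topic needs a title.', 'bbpress'));
    }

    /** Topic Content *********************************************************/

    if (!empty($_POST['bbp_topic_content'])) {
        $topic_content = $_POST['bbp_topic_content'];
    }

    // Filter and sanitize (the kses filters removed above normally run here)
    $topic_content = apply_filters('bbp_edit_topic_pre_content', $topic_content, $topic_id);

    // No topic content
    if (empty($topic_content)) {
        bbp_add_error('bbp_edit_topic_content', __('<strong>ERROR</strong>: Your topic cannot be empty.', 'bbpress'));
    }

    /** Topic Blacklist *******************************************************/

    if (!bbp_check_for_blacklist($anonymous_data, $topic_author, $topic_title, $topic_content)) {
        bbp_add_error('bbp_topic_blacklist', __('<strong>ERROR</strong>: Your topic cannot be edited at this time.', 'bbpress'));
    }

    /** Topic Status **********************************************************/

    // Start from the existing status so $topic_status is always defined. It
    // used to stay unset when moderation failed on a topic that was neither
    // public nor closed, and an undefined value was handed to wp_update_post().
    $topic_status = $topic->post_status;

    // Maybe put into moderation
    if (!bbp_check_for_moderation($anonymous_data, $topic_author, $topic_title, $topic_content)) {
        // Set post status to pending if public or closed
        if (in_array($topic->post_status, array(bbp_get_public_status_id(), bbp_get_closed_status_id()), true)) {
            $topic_status = bbp_get_pending_status_id();
        }

    // Check a whitelist of possible topic status ID's.
    // NOTE(review): the requested status is only checked against the list of
    // known statuses; unlike the sticky handling further down, no capability
    // is required here. Confirm that is intended for ordinary topic authors.
    } elseif (!empty($_POST['bbp_topic_status']) && is_string($_POST['bbp_topic_status']) && in_array($_POST['bbp_topic_status'], array_keys(bbp_get_topic_statuses()), true)) {
        $topic_status = $_POST['bbp_topic_status'];
    }

    /** Topic Tags ************************************************************/

    // Either replace terms
    if (bbp_allow_topic_tags() && current_user_can('assign_topic_tags') && !empty($_POST['bbp_topic_tags'])) {
        // Escape tag input
        $terms = esc_attr(strip_tags($_POST['bbp_topic_tags']));

        // Explode by comma
        if (strstr($terms, ',')) {
            $terms = explode(',', $terms);
        }

        // Add topic tag ID as main key
        $terms = array(bbp_get_topic_tag_tax_id() => $terms);

    // ...or remove them.
    } elseif (isset($_POST['bbp_topic_tags'])) {
        $terms = array(bbp_get_topic_tag_tax_id() => array());

    // Existing terms
    } else {
        $terms = array(bbp_get_topic_tag_tax_id() => explode(',', bbp_get_topic_tag_names($topic_id, ',')));
    }

    /** Additional Actions (Before Save) **************************************/

    do_action('bbp_edit_topic_pre_extras', $topic_id);

    // Bail if errors
    if (bbp_has_errors()) {
        return;
    }

    /** No Errors *************************************************************/

    // Add the content of the form to $topic_data as an array
    // Just in time manipulation of topic data before being edited
    $topic_data = apply_filters('bbp_edit_topic_pre_insert', array(
        'ID'           => $topic_id,
        'post_title'   => $topic_title,
        'post_content' => $topic_content,
        'post_status'  => $topic_status,
        'post_parent'  => $forum_id,
        'post_author'  => $topic_author,
        'post_type'    => bbp_get_topic_post_type(),
        'tax_input'    => $terms,
    ));

    // Toggle revisions to avoid duplicates
    if (post_type_supports(bbp_get_topic_post_type(), 'revisions')) {
        $revisions_removed = true;
        remove_post_type_support(bbp_get_topic_post_type(), 'revisions');
    }

    // Update the topic
    $topic_id = wp_update_post($topic_data);

    // Toggle revisions back on
    if (true === $revisions_removed) {
        $revisions_removed = false;
        add_post_type_support(bbp_get_topic_post_type(), 'revisions');
    }

    /** No Errors *************************************************************/

    if (!empty($topic_id) && !is_wp_error($topic_id)) {
        // Update counts, etc...
        do_action('bbp_edit_topic', $topic_id, $forum_id, $anonymous_data, $topic_author, true);

        /** Revisions *********************************************************/

        // Revision Reason
        if (!empty($_POST['bbp_topic_edit_reason'])) {
            $topic_edit_reason = esc_attr(strip_tags($_POST['bbp_topic_edit_reason']));
        }

        // Update revision log
        if (!empty($_POST['bbp_log_topic_edit']) && "1" === $_POST['bbp_log_topic_edit']) {
            $revision_id = wp_save_post_revision($topic_id);
            if (!empty($revision_id)) {
                bbp_update_topic_revision_log(array('topic_id' => $topic_id, 'revision_id' => $revision_id, 'author_id' => bbp_get_current_user_id(), 'reason' => $topic_edit_reason));
            }
        }

        /** Move Topic ********************************************************/

        // If the new forum id is not equal to the old forum id, run the
        // bbp_move_topic action and pass the topic's forum id as the
        // first arg and topic id as the second to update counts.
        if ($forum_id !== $topic->post_parent) {
            bbp_move_topic_handler($topic_id, $topic->post_parent, $forum_id);
        }

        /** Stickies **********************************************************/

        if (!empty($_POST['bbp_stick_topic']) && in_array($_POST['bbp_stick_topic'], array_keys(bbp_get_topic_types()), true)) {
            // Only moderators may change stickiness
            if (current_user_can('moderate')) {
                switch ($_POST['bbp_stick_topic']) {
                    // Sticky in forum
                    case 'stick':
                        bbp_stick_topic($topic_id);
                        break;

                    // Sticky in all forums
                    case 'super':
                        bbp_stick_topic($topic_id, true);
                        break;

                    // Normal
                    case 'unstick':
                    default:
                        bbp_unstick_topic($topic_id);
                        break;
                }
            }
        }

        /** Additional Actions (After Save) ***********************************/

        do_action('bbp_edit_topic_post_extras', $topic_id);

        /** Redirect **********************************************************/

        // Redirect to
        $redirect_to = bbp_get_redirect_to();

        // View all?
        $view_all = bbp_get_view_all();

        // Get the topic URL
        $topic_url = bbp_get_topic_permalink($topic_id, $redirect_to);

        // Add view all?
        if (!empty($view_all)) {
            $topic_url = bbp_add_view_all($topic_url);
        }

        // Allow to be filtered
        $topic_url = apply_filters('bbp_edit_topic_redirect_to', $topic_url, $view_all, $redirect_to);

        /** Successful Edit ***************************************************/

        // Redirect back to the edited topic
        wp_safe_redirect($topic_url);

        // For good measure
        exit;

    /** Errors ****************************************************************/
    } else {
        // NOTE(review): the message is concatenated before __() sees it, so it
        // can only match a translation entry when $append_error is empty.
        $append_error = is_wp_error($topic_id) && $topic_id->get_error_message() ? $topic_id->get_error_message() . ' ' : '';
        bbp_add_error('bbp_topic_error', __('<strong>ERROR</strong>: The following problem(s) have been found with your topic:' . $append_error . 'Please try again.', 'bbpress'));
    }
}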
Ejemplo n.º 2
/**
 * Handles the front end edit forum submission
 *
 * @param string $action The requested action to compare this function to
 * @uses bbPress::errors::add() To log various error messages
 * @uses bbp_get_forum() To get the forum
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses bbp_is_forum_anonymous() To check if forum is by an anonymous user
 * @uses current_user_can() To check if the current user can edit the forum
 * @uses bbp_filter_anonymous_post_data() To filter anonymous data
 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
 * @uses esc_attr() For sanitization
 * @uses bbp_is_forum_category() To check if the forum is a category
 * @uses bbp_is_forum_closed() To check if the forum is closed
 * @uses bbp_is_forum_private() To check if the forum is private
 * @uses remove_filter() To remove kses filters if needed
 * @uses apply_filters() Calls 'bbp_edit_forum_pre_title' with the title and
 *                        forum id
 * @uses apply_filters() Calls 'bbp_edit_forum_pre_content' with the content
 *                        and forum id
 * @uses bbPress::errors::get_error_codes() To get the {@link WP_Error} errors
 * @uses wp_save_post_revision() To save a forum revision
 * @uses bbp_update_forum_revision_log() To update the forum revision log
 * @uses wp_update_post() To update the forum
 * @uses do_action() Calls 'bbp_edit_forum' with an array of forum data
 *                    (forum id, parent id, author and last-active values)
 * @uses bbp_move_forum_handler() To handle movement of a forum from one forum
 *                                 to another
 * @uses bbp_get_forum_permalink() To get the forum permalink
 * @uses wp_safe_redirect() To redirect to the forum link
 * @uses bbPress::errors::get_error_messages() To get the {@link WP_Error} error
 *                                              messages
 */
function bbp_edit_forum_handler($action = '')
{
    // Processes a front-end "edit forum" POST: validates the forum id, nonce,
    // permission, parent forum, title and content, saves with wp_update_post()
    // and redirects. Validation problems are recorded with bbp_add_error().

    // Only respond to the edit-forum action
    if ('bbp-edit-forum' !== $action) {
        return;
    }

    // Defaults
    $anonymous_data = array();
    $forum = 0;
    $forum_id = 0;
    $parent_id = 0;

    /** Forum *****************************************************************/

    // A forum id is required
    if (empty($_POST['bbp_forum_id'])) {
        bbp_add_error('bbp_edit_forum_id', __('<strong>ERROR</strong>: Forum ID not found.', 'bbpress'));
        return;
    }

    // Load the forum only for a numeric id; otherwise $forum stays 0
    if (is_numeric($_POST['bbp_forum_id'])) {
        $forum_id = (int) $_POST['bbp_forum_id'];
        $forum = bbp_get_forum($forum_id);
    }

    // Nonce first, then existence, then capability; each failure stops here
    if (!bbp_verify_nonce_request('bbp-edit-forum_' . $forum_id)) {
        bbp_add_error('bbp_edit_forum_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }
    if (empty($forum)) {
        bbp_add_error('bbp_edit_forum_not_found', __('<strong>ERROR</strong>: The forum you want to edit was not found.', 'bbpress'));
        return;
    }
    if (!current_user_can('edit_forum', $forum_id)) {
        bbp_add_error('bbp_edit_forum_permissions', __('<strong>ERROR</strong>: You do not have permission to edit that forum.', 'bbpress'));
        return;
    }

    // Drop the kses filters for users with unfiltered_html who also sent the
    // matching unfiltered-html nonce
    if (current_user_can('unfiltered_html') && !empty($_POST['_bbp_unfiltered_html_forum'])) {
        $expected_nonce = wp_create_nonce('bbp-unfiltered-html-forum_' . $forum_id);
        if ($expected_nonce === $_POST['_bbp_unfiltered_html_forum']) {
            remove_filter('bbp_edit_forum_pre_title', 'wp_filter_kses');
            remove_filter('bbp_edit_forum_pre_content', 'bbp_encode_bad', 10);
            remove_filter('bbp_edit_forum_pre_content', 'bbp_filter_kses', 30);
        }
    }

    /** Forum Parent **********************************************************/

    // Requested parent forum, if any
    if (!empty($_POST['bbp_forum_parent_id'])) {
        $parent_id = bbp_get_forum_id($_POST['bbp_forum_parent_id']);
    }

    // Parent the forum currently has
    $existing_parent_id = bbp_get_forum_parent_id($forum_id);

    // Access to the new parent is only checked when the parent changes
    $parent_changed = !empty($parent_id) && $parent_id !== $existing_parent_id;
    if ($parent_changed) {
        // Closed parent needs edit_forum on it
        if (bbp_is_forum_closed($parent_id)) {
            if (!current_user_can('edit_forum', $parent_id)) {
                bbp_add_error('bbp_edit_forum_forum_closed', __('<strong>ERROR</strong>: This forum has been closed to new forums.', 'bbpress'));
            }
        }

        // Private parent needs read_private_forums
        if (bbp_is_forum_private($parent_id)) {
            if (!current_user_can('read_private_forums')) {
                bbp_add_error('bbp_edit_forum_forum_private', __('<strong>ERROR</strong>: This forum is private and you do not have the capability to read or create new forums in it.', 'bbpress'));
            }
        }

        // Hidden parent needs read_hidden_forums
        if (bbp_is_forum_hidden($parent_id)) {
            if (!current_user_can('read_hidden_forums')) {
                bbp_add_error('bbp_edit_forum_forum_hidden', __('<strong>ERROR</strong>: This forum is hidden and you do not have the capability to read or create new forums in it.', 'bbpress'));
            }
        }
    }

    /** Forum Title ***********************************************************/

    $title = !empty($_POST['bbp_forum_title'])
        ? esc_attr(strip_tags($_POST['bbp_forum_title']))
        : '';
    $title = apply_filters('bbp_edit_forum_pre_title', $title, $forum_id);

    // A title is mandatory
    if (empty($title)) {
        bbp_add_error('bbp_edit_forum_title', __('<strong>ERROR</strong>: Your forum needs a title.', 'bbpress'));
    }

    /** Forum Content *********************************************************/

    $content = !empty($_POST['bbp_forum_content'])
        ? $_POST['bbp_forum_content']
        : '';
    $content = apply_filters('bbp_edit_forum_pre_content', $content, $forum_id);

    // A description is mandatory
    if (empty($content)) {
        bbp_add_error('bbp_edit_forum_content', __('<strong>ERROR</strong>: Your forum description cannot be empty.', 'bbpress'));
    }

    /** Forum Blacklist *******************************************************/

    $passes_blacklist = bbp_check_for_blacklist($anonymous_data, bbp_get_forum_author_id($forum_id), $title, $content);
    if (!$passes_blacklist) {
        bbp_add_error('bbp_forum_blacklist', __('<strong>ERROR</strong>: Your forum cannot be edited at this time.', 'bbpress'));
    }

    /** Forum Moderation ******************************************************/

    // Public unless the moderation check fails, then pending
    $status = bbp_get_public_status_id();
    $passes_moderation = bbp_check_for_moderation($anonymous_data, bbp_get_forum_author_id($forum_id), $title, $content);
    if (!$passes_moderation) {
        $status = bbp_get_pending_status_id();
    }

    /** Additional Actions (Before Save) **************************************/

    do_action('bbp_edit_forum_pre_extras', $forum_id);

    // Nothing is saved while any error is recorded
    if (bbp_has_errors()) {
        return;
    }

    /** Save ******************************************************************/

    // Last chance for plugins to adjust the data before the update
    $update_args = apply_filters('bbp_edit_forum_pre_insert', array(
        'ID'           => $forum_id,
        'post_title'   => $title,
        'post_content' => $content,
        'post_status'  => $status,
        'post_parent'  => $parent_id,
    ));

    // From here on $forum_id holds the result of the update
    $forum_id = wp_update_post($update_args);

    /** Revisions *************************************************************/

    /*
     * @todo omitted for 2.1
     *
     *  // Revision Reason
     *  if ( !empty( $_POST['bbp_forum_edit_reason'] ) )
     *      $forum_edit_reason = esc_attr( strip_tags( $_POST['bbp_forum_edit_reason'] ) );
     *
     *  // Update revision log
     *  if ( !empty( $_POST['bbp_log_forum_edit'] ) && ( "1" === $_POST['bbp_log_forum_edit'] ) && ( $revision_id = wp_save_post_revision( $forum_id ) ) ) {
     *      bbp_update_forum_revision_log( array(
     *          'forum_id'    => $forum_id,
     *          'revision_id' => $revision_id,
     *          'author_id'   => bbp_get_current_user_id(),
     *          'reason'      => $forum_edit_reason
     *      ) );
     *  }
     */

    /** Errors ****************************************************************/

    // The update returned nothing usable or a WP_Error
    if (empty($forum_id) || is_wp_error($forum_id)) {
        $detail = '';
        if (is_wp_error($forum_id) && $forum_id->get_error_message()) {
            $detail = $forum_id->get_error_message() . ' ';
        }
        bbp_add_error('bbp_forum_error', __('<strong>ERROR</strong>: The following problem(s) have been found with your forum:' . $detail . 'Please try again.', 'bbpress'));
        return;
    }

    /** No Errors *************************************************************/

    // Update counts, etc...
    do_action('bbp_edit_forum', array(
        'forum_id'           => $forum_id,
        'post_parent'        => $parent_id,
        'forum_author'       => $forum->post_author,
        'last_topic_id'      => 0,
        'last_reply_id'      => 0,
        'last_active_id'     => 0,
        'last_active_time'   => 0,
        'last_active_status' => bbp_get_public_status_id(),
    ));

    // If the new forum parent id is not equal to the old forum parent
    // id, run the bbp_move_forum action and pass the forum's parent id
    // as the first arg and new forum parent id as the second.
    // @todo implement
    //if ( $forum_id !== $forum->post_parent )
    //	bbp_move_forum_handler( $forum_parent_id, $forum->post_parent, $forum_id );

    /** Additional Actions (After Save) ***************************************/

    do_action('bbp_edit_forum_post_extras', $forum_id);

    /** Redirect **************************************************************/

    $redirect_to = bbp_get_redirect_to();
    $view_all = bbp_get_view_all();

    // Forum permalink, optionally carrying the view-all flag
    $target_url = bbp_get_forum_permalink($forum_id, $redirect_to);
    if (!empty($view_all)) {
        $target_url = bbp_add_view_all($target_url);
    }

    // Allow to be filtered
    $target_url = apply_filters('bbp_edit_forum_redirect_to', $target_url, $view_all, $redirect_to);

    // Send the user back to the edited forum and stop
    wp_safe_redirect($target_url);
    exit;
}
Ejemplo n.º 3
/**
 * Handles the front end edit reply submission
 *
 * @param string $action The requested action to compare this function to
 * @uses bbp_add_error() To add an error message
 * @uses bbp_get_reply() To get the reply
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses bbp_is_reply_anonymous() To check if the reply was by an anonymous user
 * @uses current_user_can() To check if the current user can edit that reply
 * @uses bbp_filter_anonymous_post_data() To filter anonymous data
 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
 * @uses remove_filter() To remove kses filters if needed
 * @uses esc_attr() For sanitization
 * @uses apply_filters() Calls 'bbp_edit_reply_pre_title' with the title and
 *                       reply id
 * @uses apply_filters() Calls 'bbp_edit_reply_pre_content' with the content
 *                        and reply id
 * @uses wp_set_post_terms() To set the topic tags
 * @uses bbp_has_errors() To get the {@link WP_Error} errors
 * @uses wp_save_post_revision() To save a reply revision
 * @uses bbp_update_reply_revision_log() To update the reply revision log
 * @uses wp_update_post() To update the reply
 * @uses bbp_get_reply_topic_id() To get the reply topic id
 * @uses bbp_get_topic_forum_id() To get the topic forum id
 * @uses bbp_get_reply_to() To get the reply to id
 * @uses do_action() Calls 'bbp_edit_reply' with the reply id, topic id, forum
 *                    id, anonymous data, reply author, bool true (for edit),
 *                    and the reply to id
 * @uses bbp_get_reply_url() To get the paginated url to the reply
 * @uses wp_safe_redirect() To redirect to the reply url
 * @uses bbPress::errors::get_error_message() To get the {@link WP_Error} error
 *                                             message
 */
function bbp_edit_reply_handler($action = '')
{
    // Bail if action is not bbp-edit-reply
    if ('bbp-edit-reply' !== $action) {
        return;
    }
    // Define local variable(s)
    $revisions_removed = false;
    $reply = $reply_id = $reply_author = $topic_id = $forum_id = $anonymous_data = 0;
    $reply_title = $reply_content = $reply_edit_reason = $terms = '';
    /** Reply *****************************************************************/
    // Reply id was not passed
    if (empty($_POST['bbp_reply_id'])) {
        bbp_add_error('bbp_edit_reply_id', __('<strong>ERROR</strong>: Reply ID not found.', 'bbpress'));
        return;
        // Reply id was passed
    } elseif (is_numeric($_POST['bbp_reply_id'])) {
        $reply_id = (int) $_POST['bbp_reply_id'];
        $reply = bbp_get_reply($reply_id);
    }
    // Nonce check
    if (!bbp_verify_nonce_request('bbp-edit-reply_' . $reply_id)) {
        bbp_add_error('bbp_edit_reply_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }
    // Reply does not exist
    if (empty($reply)) {
        bbp_add_error('bbp_edit_reply_not_found', __('<strong>ERROR</strong>: The reply you want to edit was not found.', 'bbpress'));
        return;
        // Reply exists
    } else {
        // Check users ability to create new reply
        if (!bbp_is_reply_anonymous($reply_id)) {
            // User cannot edit this reply
            if (!current_user_can('edit_reply', $reply_id)) {
                bbp_add_error('bbp_edit_reply_permissions', __('<strong>ERROR</strong>: You do not have permission to edit that reply.', 'bbpress'));
                return;
            }
            // Set reply author
            $reply_author = bbp_get_reply_author_id($reply_id);
            // It is an anonymous post
        } else {
            // Filter anonymous data
            $anonymous_data = bbp_filter_anonymous_post_data();
        }
    }
    // Remove kses filters from title and content for capable users and if the nonce is verified
    if (current_user_can('unfiltered_html') && !empty($_POST['_bbp_unfiltered_html_reply']) && wp_create_nonce('bbp-unfiltered-html-reply_' . $reply_id) === $_POST['_bbp_unfiltered_html_reply']) {
        remove_filter('bbp_edit_reply_pre_title', 'wp_filter_kses');
        remove_filter('bbp_edit_reply_pre_content', 'bbp_encode_bad', 10);
        remove_filter('bbp_edit_reply_pre_content', 'bbp_filter_kses', 30);
    }
    /** Reply Topic ***********************************************************/
    $topic_id = bbp_get_reply_topic_id($reply_id);
    /** Topic Forum ***********************************************************/
    $forum_id = bbp_get_topic_forum_id($topic_id);
    // Forum exists
    if (!empty($forum_id) && $forum_id !== bbp_get_reply_forum_id($reply_id)) {
        // Forum is a category
        if (bbp_is_forum_category($forum_id)) {
            bbp_add_error('bbp_edit_reply_forum_category', __('<strong>ERROR</strong>: This forum is a category. No replies can be created in this forum.', 'bbpress'));
            // Forum is not a category
        } else {
            // Forum is closed and user cannot access
            if (bbp_is_forum_closed($forum_id) && !current_user_can('edit_forum', $forum_id)) {
                bbp_add_error('bbp_edit_reply_forum_closed', __('<strong>ERROR</strong>: This forum has been closed to new replies.', 'bbpress'));
            }
            // Forum is private and user cannot access
            if (bbp_is_forum_private($forum_id)) {
                if (!current_user_can('read_private_forums')) {
                    bbp_add_error('bbp_edit_reply_forum_private', __('<strong>ERROR</strong>: This forum is private and you do not have the capability to read or create new replies in it.', 'bbpress'));
                }
                // Forum is hidden and user cannot access
            } elseif (bbp_is_forum_hidden($forum_id)) {
                if (!current_user_can('read_hidden_forums')) {
                    bbp_add_error('bbp_edit_reply_forum_hidden', __('<strong>ERROR</strong>: This forum is hidden and you do not have the capability to read or create new replies in it.', 'bbpress'));
                }
            }
        }
    }
    /** Reply Title ***********************************************************/
    if (!empty($_POST['bbp_reply_title'])) {
        $reply_title = esc_attr(strip_tags($_POST['bbp_reply_title']));
    }
    // Filter and sanitize
    $reply_title = apply_filters('bbp_edit_reply_pre_title', $reply_title, $reply_id);
    /** Reply Content *********************************************************/
    if (!empty($_POST['bbp_reply_content'])) {
        $reply_content = $_POST['bbp_reply_content'];
    }
    // Filter and sanitize
    $reply_content = apply_filters('bbp_edit_reply_pre_content', $reply_content, $reply_id);
    // No reply content
    if (empty($reply_content)) {
        bbp_add_error('bbp_edit_reply_content', __('<strong>ERROR</strong>: Your reply cannot be empty.', 'bbpress'));
    }
    /** Reply Blacklist *******************************************************/
    if (!bbp_check_for_blacklist($anonymous_data, $reply_author, $reply_title, $reply_content)) {
        bbp_add_error('bbp_reply_blacklist', __('<strong>ERROR</strong>: Your reply cannot be edited at this time.', 'bbpress'));
    }
    /** Reply Status **********************************************************/
    // Maybe put into moderation
    if (!bbp_check_for_moderation($anonymous_data, $reply_author, $reply_title, $reply_content)) {
        // Set post status to pending if public
        if (bbp_get_public_status_id() === $reply->post_status) {
            $reply_status = bbp_get_pending_status_id();
        }
        // Use existing post_status
    } else {
        $reply_status = $reply->post_status;
    }
    /** Reply To **************************************************************/
    // Handle Reply To of the reply; $_REQUEST for non-JS submissions
    if (isset($_REQUEST['bbp_reply_to'])) {
        $reply_to = bbp_validate_reply_to($_REQUEST['bbp_reply_to']);
    }
    /** Topic Tags ************************************************************/
    // Either replace terms
    if (bbp_allow_topic_tags() && current_user_can('assign_topic_tags') && !empty($_POST['bbp_topic_tags'])) {
        $terms = esc_attr(strip_tags($_POST['bbp_topic_tags']));
        // ...or remove them.
    } elseif (isset($_POST['bbp_topic_tags'])) {
        $terms = '';
        // Existing terms
    } else {
        $terms = bbp_get_topic_tag_names($topic_id);
    }
    /** Additional Actions (Before Save) **************************************/
    do_action('bbp_edit_reply_pre_extras', $reply_id);
    // Bail if errors
    if (bbp_has_errors()) {
        return;
    }
    /** No Errors *************************************************************/
    // Add the content of the form to $reply_data as an array
    // Just in time manipulation of reply data before being edited
    $reply_data = apply_filters('bbp_edit_reply_pre_insert', array('ID' => $reply_id, 'post_title' => $reply_title, 'post_content' => $reply_content, 'post_status' => $reply_status, 'post_parent' => $topic_id, 'post_author' => $reply_author, 'post_type' => bbp_get_reply_post_type()));
    // Toggle revisions to avoid duplicates
    if (post_type_supports(bbp_get_reply_post_type(), 'revisions')) {
        $revisions_removed = true;
        remove_post_type_support(bbp_get_reply_post_type(), 'revisions');
    }
    // Insert topic
    $reply_id = wp_update_post($reply_data);
    // Toggle revisions back on
    if (true === $revisions_removed) {
        $revisions_removed = false;
        add_post_type_support(bbp_get_reply_post_type(), 'revisions');
    }
    /** Topic Tags ************************************************************/
    // Just in time manipulation of reply terms before being edited
    $terms = apply_filters('bbp_edit_reply_pre_set_terms', $terms, $topic_id, $reply_id);
    // Insert terms
    $terms = wp_set_post_terms($topic_id, $terms, bbp_get_topic_tag_tax_id(), false);
    // Term error
    if (is_wp_error($terms)) {
        bbp_add_error('bbp_reply_tags', __('<strong>ERROR</strong>: There was a problem adding the tags to the topic.', 'bbpress'));
    }
    /** Revisions *************************************************************/
    // Revision Reason
    if (!empty($_POST['bbp_reply_edit_reason'])) {
        $reply_edit_reason = esc_attr(strip_tags($_POST['bbp_reply_edit_reason']));
    }
    // Update revision log
    if (!empty($_POST['bbp_log_reply_edit']) && "1" === $_POST['bbp_log_reply_edit']) {
        $revision_id = wp_save_post_revision($reply_id);
        if (!empty($revision_id)) {
            bbp_update_reply_revision_log(array('reply_id' => $reply_id, 'revision_id' => $revision_id, 'author_id' => bbp_get_current_user_id(), 'reason' => $reply_edit_reason));
        }
    }
    /** No Errors *************************************************************/
    if (!empty($reply_id) && !is_wp_error($reply_id)) {
        // Update counts, etc...
        do_action('bbp_edit_reply', $reply_id, $topic_id, $forum_id, $anonymous_data, $reply_author, true, $reply_to);
        /** Additional Actions (After Save) ***********************************/
        do_action('bbp_edit_reply_post_extras', $reply_id);
        /** Redirect **********************************************************/
        // Redirect to
        $redirect_to = bbp_get_redirect_to();
        // Get the reply URL
        $reply_url = bbp_get_reply_url($reply_id, $redirect_to);
        // Allow to be filtered
        $reply_url = apply_filters('bbp_edit_reply_redirect_to', $reply_url, $redirect_to);
        /** Successful Edit ***************************************************/
        // Redirect back to new reply
        wp_safe_redirect($reply_url);
        // For good measure
        exit;
        /** Errors ****************************************************************/
    } else {
        $append_error = is_wp_error($reply_id) && $reply_id->get_error_message() ? $reply_id->get_error_message() . ' ' : '';
        bbp_add_error('bbp_reply_error', __('<strong>ERROR</strong>: The following problem(s) have been found with your reply:' . $append_error . 'Please try again.', 'bbpress'));
    }
}
Ejemplo n.º 4
 /**
  * A moderation key must still match when the word is split across adjacent
  * inline HTML tags in the topic content.
  *
  * @covers ::bbp_check_for_moderation
  */
 public function test_should_return_false_when_html_wrapped_content_matches_moderation_keys()
 {
     // Fixture: "hibernating" is split between a <strong> and an <em> element.
     $user_id = $this->factory->user->create();
     $topic_args = array(
         'post_author' => $user_id,
         'post_title' => 'Sting',
         'post_content' => 'Beware, there maybe bees <strong>hiber</strong><em>nating</em>.',
     );
     $topic_id = $this->factory->topic->create($topic_args);

     // Read the values back through the bbPress getters.
     $no_anonymous_data = false;
     $topic_author = bbp_get_topic_author_id($topic_id);
     $topic_title = bbp_get_topic_title($topic_id);
     $topic_content = bbp_get_topic_content($topic_id);

     // One key per line; the first is the word hidden by the markup.
     update_option('moderation_keys', "hibernating\nfoo");

     $this->assertFalse(
         bbp_check_for_moderation($no_anonymous_data, $topic_author, $topic_title, $topic_content)
     );
 }
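 /**
  * Post new topic by email handler.
  *
  * For bbPress, the logic in this method is the same as {@link bbp_new_topic_handler()}.
  * It's duplicated because bbPress doesn't utilize hooks for verifying topics.
  *
  * Every capability check uses user_can() against the email's resolved author
  * ($data['user_id']) rather than the current user. Each rejection returns a
  * WP_Error whose code names the reason, with an empty message and $data
  * attached as error data.
  *
  * @todo No fancy support for topic tags, subscriptions yet. Will probably need shortcodes.
  *
  * @param array $data {
  *     An array of arguments.
  *
  *     @type array $headers Email headers.
  *     @type string $content The email body content.
  *     @type string $subject The email subject line.
  *     @type int $user_id The user ID who sent the email.
  *     @type bool $is_html Whether the email content is HTML or not.
  *     @type int $i The email message number.
  * }
  * @param array $params Parsed parameters from the email address querystring.
  *   See {@link BP_Reply_By_Email_Parser::get_parameters()}.
  * @return array|object Array with the key 'bbp_topic_id' on success. WP_Error
  *  object on failure.
  */
 private function post_new_topic($data, $params)
 {
     /** SETUP DATA ***************************************************/
     $i = $data['i'];
     $topic_author = $data['user_id'];
     $forum_id = $params[$this->forum_id_param];
     $is_group_topic = !empty($params[$this->item_id_param]);
     // Record which kind of new topic is being processed
     if ($is_group_topic) {
         // BuddyPress group new topic
         bp_rbe_log('Message #' . $i . ': this is a bbPress group forum new topic');
     } else {
         // bbPress
         bp_rbe_log('Message #' . $i . ': this is a bbPress new topic');
     }
     // Email-created topics always have a registered author
     $anonymous_data = 0;
     /** GROUP PERMISSIONS ********************************************/
     // posting from a BP group
     if ($is_group_topic) {
         global $bp;
         // set group ID and cache it in global for later use
         // $bp->rbe->temp->group_id gets passed to the set_group_id() method later on
         $group_id = $bp->rbe->temp->group_id = $params[$this->item_id_param];
         // get all group member data for the user in one swoop!
         $group_member_data = bp_rbe_get_group_member_info($topic_author, $group_id);
         // user is not a member of the group anymore
         if (empty($group_member_data)) {
             return new WP_Error('user_not_group_member', '', $data);
         }
         // user is banned from group
         if (1 == (int) $group_member_data->is_banned) {
             return new WP_Error('user_banned_from_group', '', $data);
         }
         // override groups_get_current_group() with our cached group ID
         add_filter('groups_get_current_group', array($this, 'set_group_id'));
         // temporarily add some GES filters here
         add_filter('bp_ass_activity_notification_subject', 'wp_specialchars_decode');
         add_filter('bp_ass_activity_notification_content', 'wp_specialchars_decode');
     }
     /** TOPIC / FORUM PERMISSIONS ************************************/
     // Allow member to pass default cap checks.
     // The reason why we keep the user_can() checks below is b/c bbPress
     // plugins may disable cap access for a specific user if they have hooked into
     // the 'bbp_map_meta_caps' filter.
     // NOTE(review): this filter is not removed anywhere in this method, so
     // every early return below leaves it registered. Confirm the caller
     // removes it, otherwise the relaxed mapping applies to later capability
     // checks in the same request.
     add_filter('bbp_map_meta_caps', array($this, 'map_forum_meta_caps'), 5, 4);
     // User cannot create topics
     if (!user_can($topic_author, 'publish_topics')) {
         return new WP_Error('bbp_topic_permissions', '', $data);
     }
     // Forum is a category: no topics can be created in it
     if (bbp_is_forum_category($forum_id)) {
         return new WP_Error('bbp_edit_topic_forum_category', '', $data);
     }
     // Forum is closed to new topics and user cannot access.
     // NOTE(review): 'edit_forum' is checked without $forum_id, whereas
     // bbPress's own handlers pass the forum ID to this meta capability.
     // Confirm map_forum_meta_caps() does not need it.
     if (bbp_is_forum_closed($forum_id) && !user_can($topic_author, 'edit_forum')) {
         return new WP_Error('bbp_edit_topic_forum_closed', '', $data);
     }
     // Forum is private and user cannot access
     if (bbp_is_forum_private($forum_id) && !user_can($topic_author, 'read_private_forums')) {
         return new WP_Error('bbp_edit_topic_forum_private', '', $data);
     }
     // Forum is hidden and user cannot access
     if (bbp_is_forum_hidden($forum_id) && !user_can($topic_author, 'read_hidden_forums')) {
         return new WP_Error('bbp_edit_topic_forum_hidden', '', $data);
     }
     /** UNFILTERED HTML **********************************************/
     // Remove wp_filter_kses filters from title and content for capable users.
     // NOTE(review): the filters are not restored in this method. If it runs
     // for several messages in one request (TODO confirm), a later message
     // from an author without 'unfiltered_html' would be processed without
     // them. The grant also relies on how the caller resolved the sender to
     // $data['user_id'].
     if (user_can($topic_author, 'unfiltered_html')) {
         remove_filter('bbp_new_topic_pre_title', 'wp_filter_kses');
         remove_filter('bbp_new_topic_pre_content', 'wp_filter_kses');
     }
     /** TOPIC DATA ***************************************************/
     $topic_content = $data['content'];
     $topic_title = $data['subject'];
     // NOTE(review): the full body and subject are written to the RBE log,
     // including mail addressed to private or hidden forums. Confirm access to
     // the log is restricted.
     bp_rbe_log('Message #' . $i . ': body contents - ' . $topic_content);
     bp_rbe_log('Subject - ' . $topic_title);
     if (empty($topic_content) || empty($topic_title)) {
         return new WP_Error('bbp_new_forum_topic_empty', '', $data);
     }
     // Filter and sanitize
     $topic_title = apply_filters('bbp_new_topic_pre_title', $topic_title);
     $topic_content = apply_filters('bbp_new_topic_pre_content', $topic_content);
     /** Topic Tags ****************************************************/
     // TODO: topic tags are not handled for topics created by email yet.
     /** TOPIC MODERATION *********************************************/
     // Post Flooding
     if (!bbp_check_for_flood($anonymous_data, $topic_author)) {
         return new WP_Error('bbp_topic_flood', '', $data);
     }
     // Topic Duplicate
     $duplicate_args = array('post_type' => bbp_get_topic_post_type(), 'post_author' => $topic_author, 'post_content' => $topic_content, 'anonymous_data' => $anonymous_data);
     if (!bbp_check_for_duplicate($duplicate_args)) {
         return new WP_Error('bbp_topic_duplicate', '', $data);
     }
     // Topic Blacklist
     if (!bbp_check_for_blacklist($anonymous_data, $topic_author, $topic_title, $topic_content)) {
         return new WP_Error('bbp_topic_blacklist', '', $data);
     }
     // Topic Status
     // Maybe put into moderation
     if (!bbp_check_for_moderation($anonymous_data, $topic_author, $topic_title, $topic_content)) {
         $topic_status = bbp_get_pending_status_id();
         // Default
     } else {
         $topic_status = bbp_get_public_status_id();
     }
     /** POSTING TIME! ************************************************/
     // bbP hook before save
     do_action('bbp_new_topic_pre_extras', $forum_id);
     // Setup topic data
     $topic_data = apply_filters('bbp_new_topic_pre_insert', array('post_author' => $topic_author, 'post_title' => $topic_title, 'post_content' => $topic_content, 'post_status' => $topic_status, 'post_parent' => $forum_id, 'post_type' => bbp_get_topic_post_type(), 'comment_status' => 'closed'));
     // Insert topic
     $topic_id = wp_insert_post($topic_data);
     // Problem posting. wp_insert_post() returns 0 on failure unless it is
     // asked for a WP_Error, so both outcomes are treated as errors here
     // instead of continuing with a topic ID of 0.
     if (empty($topic_id) || is_wp_error($topic_id)) {
         return new WP_Error('bbp_topic_error', '', $data);
     }
     // Topic posted! more internal logging
     bp_rbe_log('Message #' . $i . ': bbPress topic successfully posted!');
     /** AFTER POSTING ************************************************/
     // stuff that needs to happen after a bbP topic is posted occurs here... bbP
     // should preferably do the following at the 'bbp_new_reply' hook, until then
     // do what bbP does inline.
     // Trash Check ////////////////////////////////////////////////////
     // If the forum is trash, or the topic_status is switched to
     // trash, trash it properly
     if (get_post_field('post_status', $forum_id) == bbp_get_trash_status_id() || $topic_data['post_status'] == bbp_get_trash_status_id()) {
         // Trash the topic
         wp_trash_post($topic_id);
     }
     // Spam Check /////////////////////////////////////////////////////
     // If the topic is spam, officially spam this topic
     if ($topic_data['post_status'] == bbp_get_spam_status_id()) {
         add_post_meta($topic_id, '_bbp_spam_meta_status', bbp_get_public_status_id());
     }
     // Reply By Email /////////////////////////////////////////////////
     // Add a RBE marker to the post's meta
     // Could potentially show that post was made via email on the frontend
     add_post_meta($topic_id, 'bp_rbe', 1);
     /** POST HOOKS ***************************************************/
     // RBE Custom Hooks ///////////////////////////////////////////////
     // change activity action
     add_filter('bbp_before_record_activity_parse_args', array($this, 'change_activity_action'));
     // add RBE's special activity hook
     add_action('bp_activity_after_save', array($this, 'activity_rbe_hook'));
     // bbPress Topic Hooks ////////////////////////////////////////////
     do_action('bbp_new_topic', $topic_id, $forum_id, $anonymous_data, $topic_author);
     do_action('bbp_new_topic_post_extras', $topic_id);
     return array('bbp_topic_id' => $topic_id);
 }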