Ejemplo n.º 1
_e('Capabilities', 'buddypress');
?>
</h3>

				<form action="<?php 
echo bp_displayed_user_domain() . bp_get_settings_slug() . '/capabilities/';
?>
" name="account-capabilities-form" id="account-capabilities-form" class="standard-form" method="post">

					<?php 
do_action('bp_members_capabilities_account_before_submit');
?>

					<label>
						<input type="checkbox" name="user-spammer" id="user-spammer" value="1" <?php 
checked(bp_is_user_spammer(bp_displayed_user_id()));
?>
 />
						 <?php 
_e('This user is a spammer.', 'buddypress');
?>
					</label>

					<div class="submit">
						<input type="submit" value="<?php 
_e('Save', 'buddypress');
?>
" id="capabilities-submit" name="capabilities-submit" />
					</div>

					<?php 
Ejemplo n.º 2
/**
 * Report a user's spam status using the BuddyPress "spam user" flag.
 *
 * @since  2.3.0
 *
 * @param  bool         $is_spammer Spam status supplied by the caller.
 * @param  WP_User|null $user       The WordPress user object, if any.
 * @return bool The incoming $is_spammer value when no usable user ID is
 *              available, otherwise the result of bp_is_user_spammer().
 */
function wp_idea_stream_buddypress_is_spammy($is_spammer, $user = null)
{
    // With a usable user ID, defer to BuddyPress; otherwise hand the
    // incoming value back untouched.
    return !empty($user->ID) ? bp_is_user_spammer($user->ID) : $is_spammer;
}
Ejemplo n.º 3
/**
 * Checks whether a user counts as active: a user ID is available and the
 * user is neither marked as a spammer nor deleted.
 *
 * @since BuddyPress (1.6)
 *
 * @uses is_user_logged_in() To check if user is logged in
 * @uses bp_loggedin_user_id() To get current user ID
 * @uses bp_is_user_spammer() To check if user is spammer
 * @uses bp_is_user_deleted() To check if user is deleted
 *
 * @param int $user_id The user ID to check; an empty value falls back to the
 *                     logged-in user when there is one.
 * @return bool True if active, false if there is no user to check or the
 *              user is a spammer or deleted.
 */
function bp_is_user_active($user_id = 0)
{
    // No explicit ID: fall back to whoever is logged in.
    if (empty($user_id) && is_user_logged_in()) {
        $user_id = bp_loggedin_user_id();
    }

    // Still nobody to check.
    if (empty($user_id)) {
        return false;
    }

    // Active means not spam and not deleted. The deleted lookup only runs
    // when the spam check did not already rule the user out.
    return !bp_is_user_spammer($user_id) && !bp_is_user_deleted($user_id);
}
        /**
         * Render the Status metabox for user's profile screen.
         *
         * Actions are:
         * - Update profile fields if xProfile component is active
         * - Spam/Unspam user
         *
         * This method only prints markup: the spam/ham radios, the
         * registration date, a "View Profile" link and the submit button.
         * The code that processes the submitted `user_status` value is not
         * part of this method.
         *
         * @since 2.0.0
         *
         * @param WP_User|null $user The WP_User object to be edited.
         */
        public function user_admin_status_metabox($user = null)
        {
            // Bail if no user ID is available.
            if (empty($user->ID)) {
                return;
            }
            // Bail if user has not been activated yet (how did you get here?).
            // A user_status of 2 is treated here as "not activated": only a
            // notice is printed and the rest of the metabox is skipped.
            if (isset($user->user_status) && 2 == $user->user_status) {
                ?>

			<p class="not-activated"><?php 
                esc_html_e('User account has not yet been activated', 'buddypress');
                ?>
</p><br/>

			<?php 
                return;
            }
            ?>

		<div class="submitbox" id="submitcomment">
			<div id="minor-publishing">
				<div id="misc-publishing-actions">
					<?php 
            // Get the spam status once here to compare against below.
            $is_spammer = bp_is_user_spammer($user->ID);
            /**
             * In configs where BuddyPress is not network activated,
             * regular admins cannot mark a user as a spammer on front
             * end. This prevents them from doing it in the backend.
             *
             * Also prevent admins from marking themselves or other
             * admins as spammers.
             *
             * NOTE(review): `&&` binds tighter than `||`, so the
             * self-profile and super-admin checks belong only to the first
             * alternative. When $this->subsite_activated is set and the
             * current user has 'manage_network_users', the radios are
             * rendered regardless of those two checks. Confirm that this
             * is intended.
             *
             * NOTE(review): this condition only decides whether the radios
             * are rendered. Hiding them does not stop a crafted request
             * from carrying `user_status`; verify that the handler applies
             * the same checks.
             */
            if (empty($this->is_self_profile) && !in_array($user->user_login, get_super_admins()) && empty($this->subsite_activated) || !empty($this->subsite_activated) && current_user_can('manage_network_users')) {
                ?>

						<div class="misc-pub-section" id="comment-status-radio">
							<label class="approved"><input type="radio" name="user_status" value="ham" <?php 
                // Pre-select "Active" when the user is not flagged as a spammer.
                checked($is_spammer, false);
                ?>
><?php 
                esc_html_e('Active', 'buddypress');
                ?>
</label><br />
							<label class="spam"><input type="radio" name="user_status" value="spam" <?php 
                // Pre-select "Spammer" when the user is flagged.
                checked($is_spammer, true);
                ?>
><?php 
                esc_html_e('Spammer', 'buddypress');
                ?>
</label>
						</div>

					<?php 
            }
            ?>

					<div class="misc-pub-section curtime misc-pub-section-last">
						<?php 
            // Translators: Publish box date format, see http://php.net/date.
            $datef = __('M j, Y @ G:i', 'buddypress');
            $date = date_i18n($datef, strtotime($user->user_registered));
            ?>
						<span id="timestamp"><?php 
            // NOTE(review): the translated format string and $date are
            // printed without escaping; the <strong> markup is added here
            // rather than coming from the translation.
            printf(__('Registered on: %s', 'buddypress'), '<strong>' . $date . '</strong>');
            ?>
</span>
					</div>
				</div> <!-- #misc-publishing-actions -->

				<div class="clear"></div>
			</div><!-- #minor-publishing -->

			<div id="major-publishing-actions">

				<div id="publishing-action">
					<a class="button bp-view-profile" href="<?php 
            // The profile URL is escaped for use inside the href attribute.
            echo esc_url(bp_core_get_user_domain($user->ID));
            ?>
" target="_blank"><?php 
            esc_html_e('View Profile', 'buddypress');
            ?>
</a>
					<?php 
            submit_button(esc_html__('Update Profile', 'buddypress'), 'primary', 'save', false);
            ?>
				</div>
				<div class="clear"></div>
			</div><!-- #major-publishing-actions -->

		</div><!-- #submitcomment -->

		<?php 
        }
Ejemplo n.º 5
 /**
  * Set up the globals for this component.
  *
  * Registers the slug and table globals with the parent, fills in the
  * logged-in and displayed user data on the BuddyPress object, picks the
  * default profile component and builds the canonical stack for the
  * displayed user.
  *
  * The BP_MEMBERS_SLUG constant is deprecated, and only used here for
  * backwards compatibility.
  *
  * @since BuddyPress (1.5)
  *
  * @param array $args Not read by this method; the globals handed to the
  *                    parent are built locally.
  */
 public function setup_globals($args = array())
 {
     $bp = buddypress();

     // Fall back to the component id when no slug constant was defined.
     if (!defined('BP_MEMBERS_SLUG')) {
         define('BP_MEMBERS_SLUG', $this->id);
     }

     $members_globals = array(
         'slug' => BP_MEMBERS_SLUG,
         'root_slug' => isset($bp->pages->members->slug) ? $bp->pages->members->slug : BP_MEMBERS_SLUG,
         'has_directory' => true,
         'directory_title' => _x('Members', 'component directory title', 'buddypress'),
         'global_tables' => array(
             'table_name_last_activity' => bp_core_get_table_prefix() . 'bp_activity',
             'table_name_signups' => bp_core_get_table_prefix() . 'signups',
         ),
         'search_string' => __('Search Members...', 'buddypress'),
     );
     parent::setup_globals($members_globals);

     /** Logged in user ****************************************************/

     // Full name of the logged in user.
     $bp->loggedin_user->fullname = bp_core_get_user_displayname(bp_loggedin_user_id());

     // Hits the DB on single WP installs, so look it up once and store it
     // under both property names.
     $is_super = is_super_admin(bp_loggedin_user_id());
     $bp->loggedin_user->is_site_admin = $is_super;
     $bp->loggedin_user->is_super_admin = $is_super;

     // Domain of the logged in user, e.g. http://domain.com/members/andy
     $bp->loggedin_user->domain = bp_core_get_user_domain(bp_loggedin_user_id());

     // Core userdata of the logged in user.
     $bp->loggedin_user->userdata = bp_core_get_core_userdata(bp_loggedin_user_id());

     /** Displayed user ****************************************************/

     // Domain, core userdata and full name of the user being displayed.
     $bp->displayed_user->domain = bp_core_get_user_domain(bp_displayed_user_id());
     $bp->displayed_user->userdata = bp_core_get_core_userdata(bp_displayed_user_id());
     $bp->displayed_user->fullname = bp_core_get_user_displayname(bp_displayed_user_id());

     /** Signup ***************************************************/

     $bp->signup = new stdClass();

     /** Profiles Fallback *************************************************/

     // Without xprofile, provide a minimal stand-in profile object.
     if (!bp_is_active('xprofile')) {
         $bp->profile = new stdClass();
         $bp->profile->slug = 'profile';
         $bp->profile->id = 'profile';
     }

     /** Default Profile Component *****************************************/

     // An explicit constant wins; otherwise prefer activity when it is active
     // and has a page, and fall back to the profile component.
     if (defined('BP_DEFAULT_COMPONENT')) {
         $bp->default_component = BP_DEFAULT_COMPONENT;
     } elseif (bp_is_active('activity') && isset($bp->pages->activity)) {
         $bp->default_component = bp_get_activity_slug();
     } elseif ('xprofile' === $bp->profile->id) {
         $bp->default_component = 'profile';
     } else {
         $bp->default_component = $bp->profile->id;
     }

     // Everything below only applies while a user is being displayed.
     if (!bp_displayed_user_id()) {
         return;
     }

     $bp->canonical_stack['base_url'] = bp_displayed_user_domain();
     if (bp_current_component()) {
         $bp->canonical_stack['component'] = bp_current_component();
     }
     if (bp_current_action()) {
         $bp->canonical_stack['action'] = bp_current_action();
     }
     if (!empty($bp->action_variables)) {
         $bp->canonical_stack['action_variables'] = bp_action_variables();
     }

     if (!bp_current_component()) {
         $bp->current_component = $bp->default_component;
     } elseif (bp_is_current_component($bp->default_component) && !bp_current_action()) {
         // The canonical URL will not contain the default component.
         unset($bp->canonical_stack['component']);
     }

     // On a spammer's profile, only users with the 'bp_moderate' cap may view
     // subpages. For everyone else the component is dropped from the
     // canonical stack, which sends them back to the root of the spammer's
     // profile page.
     if (bp_is_user_spammer(bp_displayed_user_id()) && !bp_current_user_can('bp_moderate')) {
         unset($bp->canonical_stack['component']);
     }
 }
Ejemplo n.º 6
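/**
 * Check whether a user is marked as a spammer.
 *
 * Thin wrapper kept for backwards compatibility: it records the deprecation
 * and delegates to bp_is_user_spammer().
 *
 * @deprecated 1.6.0 Use bp_is_user_spammer() instead.
 *
 * @param int $user_id ID of the user to check.
 * @return mixed Whatever bp_is_user_spammer() returns for $user_id.
 */
function bp_core_is_user_spammer($user_id = 0)
{
    _deprecated_function(__FUNCTION__, '1.6', 'bp_is_user_spammer()');
    // Hand the result back. Without the return this wrapper always yields
    // null, so any caller still using it would treat every user as "not a
    // spammer".
    return bp_is_user_spammer($user_id);
}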
/**
 * Add "Spam" / "Not Spam" and "View" links to a user's row actions.
 *
 * The spam toggle is only added when the current user may edit the row's
 * user and is not looking at their own row. The "View" link is always added.
 *
 * @since 2.0.0
 *
 * @param array  $actions     User row action links.
 * @param object $user_object Current user information.
 * @return array $actions User row action links.
 */
function bp_core_admin_user_row_actions($actions, $user_object)
{
    // Normalise the row's user ID; 0 when the object carries none.
    $user_id = empty($user_object->ID) ? 0 : absint($user_object->ID);

    // The spam toggle needs edit rights and must not target oneself.
    $can_toggle_spam = current_user_can('edit_user', $user_id) && bp_loggedin_user_id() !== $user_id;

    if ($can_toggle_spam) {
        // Admin URL could be single site or network.
        $admin_url = bp_get_admin_url('users.php');

        if (bp_is_user_spammer($user_id)) {
            // Already spammed: offer the nonce-protected "ham" action.
            $ham_url = wp_nonce_url(
                add_query_arg(array('action' => 'ham', 'user' => $user_id), $admin_url),
                'bp-spam-user'
            );
            $actions['ham'] = sprintf(
                '<a href="%1$s">%2$s</a>',
                esc_url($ham_url),
                esc_html__('Not Spam', 'buddypress')
            );
        } else {
            // Not spammed yet: offer the nonce-protected "spam" action.
            $spam_url = wp_nonce_url(
                add_query_arg(array('action' => 'spam', 'user' => $user_id), $admin_url),
                'bp-spam-user'
            );
            $actions['spam'] = sprintf(
                '<a class="submitdelete" href="%1$s">%2$s</a>',
                esc_url($spam_url),
                esc_html__('Spam', 'buddypress')
            );
        }
    }

    // Everyone gets a link to the user's profile.
    $profile_url = bp_core_get_user_domain($user_id);
    $actions['view'] = sprintf(
        '<a href="%1$s">%2$s</a>',
        esc_url($profile_url),
        esc_html__('View', 'buddypress')
    );

    return $actions;
}
Ejemplo n.º 8
/**
 * Analyzes the URI structure and breaks it down into parts for use in code.
 * BuddyPress can use complete custom friendly URI's without the user having to
 * add new re-write rules. Custom components are able to use their own custom
 * URI structures with very little work.
 *
 * The path being parsed comes from the request ($_SERVER['REQUEST_URI'], or
 * bp_core_referrer() when the request URI mentions wp-load.php), so every
 * chunk derived from it is request-controlled input.
 *
 * @package BuddyPress Core
 * @since BuddyPress (r100)
 *
 * The URI's are broken down as follows:
 *   - http:// domain.com / members / andy / [current_component] / [current_action] / [action_variables] / [action_variables] / ...
 *   - OUTSIDE ROOT: http:// domain.com / sites / buddypress / members / andy / [current_component] / [current_action] / [action_variables] / [action_variables] / ...
 *
 *	Example:
 *    - http://domain.com/members/andy/profile/edit/group/5/
 *    - $bp->current_component: string 'xprofile'
 *    - $bp->current_action: string 'edit'
 *    - $bp->action_variables: array ['group', 5]
 *
 * @return false|null False when URIs are not caught on this blog or the
 *                    request is not a BuddyPress page; null (no value) on
 *                    every other path, including the 404 bail-outs.
 */
function bp_core_set_uri_globals()
{
    global $bp, $current_blog, $wpdb;
    // Don't catch URIs on non-root blogs unless multiblog mode is on
    if (!bp_is_root_blog() && !bp_is_multiblog_mode()) {
        return false;
    }
    // Define local variables
    $root_profile = $match = false;
    $key_slugs = $matches = $uri_chunks = array();
    // Fetch all the WP page names for each component
    if (empty($bp->pages)) {
        $bp->pages = bp_core_get_directory_pages();
    }
    // Ajax or not?
    // NOTE(review): the strpos() result is used as a boolean, so a match at
    // offset 0 would be treated as "not found".
    if (strpos($_SERVER['REQUEST_URI'], 'wp-load.php')) {
        $path = bp_core_referrer();
    } else {
        // Request-controlled value; passed through esc_url() before parsing.
        $path = esc_url($_SERVER['REQUEST_URI']);
    }
    // Filter the path
    $path = apply_filters('bp_uri', $path);
    // Take GET variables off the URL to avoid problems
    $path = strtok($path, '?');
    // Fetch current URI and explode each part separated by '/' into an array
    $bp_uri = explode('/', $path);
    // Loop and remove empties
    // (empty() also drops a chunk that is the string '0')
    foreach ((array) $bp_uri as $key => $uri_chunk) {
        if (empty($bp_uri[$key])) {
            unset($bp_uri[$key]);
        }
    }
    // If running off blog other than root, any subdirectory names must be
    // removed from $bp_uri. This includes two cases:
    //
    //    1. when WP is installed in a subdirectory,
    //    2. when BP is running on secondary blog of a subdirectory
    //       multisite installation. Phew!
    if (is_multisite() && !is_subdomain_install() && (bp_is_multiblog_mode() || 1 != bp_get_root_blog_id())) {
        // Blow chunks
        $chunks = explode('/', $current_blog->path);
        // If chunks exist...
        if (!empty($chunks)) {
            // ...loop through them...
            foreach ($chunks as $key => $chunk) {
                // Non-strict search: the first loosely-equal chunk is removed.
                $bkey = array_search($chunk, $bp_uri);
                // ...and unset offending keys
                if (false !== $bkey) {
                    unset($bp_uri[$bkey]);
                }
                $bp_uri = array_values($bp_uri);
            }
        }
    }
    // Get site path items
    $paths = explode('/', bp_core_get_site_path());
    // Take empties off the end of path
    if (empty($paths[count($paths) - 1])) {
        array_pop($paths);
    }
    // Take empties off the start of path
    if (empty($paths[0])) {
        array_shift($paths);
    }
    // Unset URI indices if they intersect with the paths
    foreach ((array) $bp_uri as $key => $uri_chunk) {
        if (in_array($uri_chunk, $paths)) {
            unset($bp_uri[$key]);
        }
    }
    // Reset the keys by merging with an empty array
    $bp_uri = array_merge(array(), $bp_uri);
    // If a component is set to the front page, force its name into $bp_uri
    // so that $current_component is populated
    if ('page' == get_option('show_on_front') && get_option('page_on_front') && empty($bp_uri)) {
        $post = get_post(get_option('page_on_front'));
        if (!empty($post)) {
            $bp_uri[0] = $post->post_name;
        }
    }
    // Keep the unfiltered URI safe
    $bp->unfiltered_uri = $bp_uri;
    // Get slugs of pages into array
    foreach ((array) $bp->pages as $page_key => $bp_page) {
        $key_slugs[$page_key] = trailingslashit('/' . $bp_page->slug);
    }
    // Bail if keyslugs are empty, as BP is not setup correct
    // (returns null here, not false like the other bail-outs)
    if (empty($key_slugs)) {
        return;
    }
    // Loop through page slugs and look for exact match to path
    foreach ($key_slugs as $key => $slug) {
        if ($slug == $path) {
            $match = $bp->pages->{$key};
            $match->key = $key;
            $matches[] = 1;
            break;
        }
    }
    // No exact match, so look for partials
    if (empty($match)) {
        // Loop through each page in the $bp->pages global
        foreach ((array) $bp->pages as $page_key => $bp_page) {
            // Look for a match (check members first)
            if (in_array($bp_page->name, (array) $bp_uri)) {
                // Match found, now match the slug to make sure.
                $uri_chunks = explode('/', $bp_page->slug);
                // Loop through uri_chunks
                foreach ((array) $uri_chunks as $key => $uri_chunk) {
                    // Make sure chunk is in the correct position
                    if (!empty($bp_uri[$key]) && $bp_uri[$key] == $uri_chunk) {
                        $matches[] = 1;
                        // No match
                    } else {
                        $matches[] = 0;
                    }
                }
                // Have a match
                if (!in_array(0, (array) $matches)) {
                    $match = $bp_page;
                    $match->key = $page_key;
                    break;
                }
                // Unset matches
                // ($matches stays unset from here unless a later step appends
                // to it; the isset($matches) test further down relies on that)
                unset($matches);
            }
            // Unset uri chunks
            unset($uri_chunks);
        }
    }
    // URLs with BP_ENABLE_ROOT_PROFILES enabled won't be caught above
    if (empty($matches) && bp_core_enable_root_profiles()) {
        // Make sure there's a user corresponding to $bp_uri[0]
        if (!empty($bp->pages->members) && !empty($bp_uri[0]) && ($root_profile = get_user_by('login', $bp_uri[0]))) {
            // Force BP to recognize that this is a members page
            $matches[] = 1;
            $match = $bp->pages->members;
            $match->key = 'members';
            // Without the 'members' URL chunk, WordPress won't know which page to load
            // This filter intercepts the WP query and tells it to load the members page
            //
            // NOTE(review): create_function() compiles a string of PHP source,
            // and $match->name is concatenated into a double-quoted literal
            // inside that source without any quoting or escaping. A page name
            // containing `"`, `$` or `\` would change the generated code.
            // create_function() is also deprecated as of PHP 7.2 and removed
            // in PHP 8.0. A callback that receives the name as data (for
            // example a closure capturing it) avoids building code from a
            // string.
            add_filter('request', create_function('$query_args', '$query_args["pagename"] = "' . $match->name . '"; return $query_args;'));
        }
    }
    // Search doesn't have an associated page, so we check for it separately
    if (!empty($bp_uri[0]) && bp_get_search_slug() == $bp_uri[0]) {
        $matches[] = 1;
        $match = new stdClass();
        $match->key = 'search';
        $match->slug = bp_get_search_slug();
    }
    // This is not a BuddyPress page, so just return.
    if (!isset($matches)) {
        return false;
    }
    // Find the offset. With $root_profile set, we fudge the offset down so later parsing works
    $slug = !empty($match) ? explode('/', $match->slug) : '';
    $uri_offset = empty($root_profile) ? 0 : -1;
    // Rejig the offset
    if (!empty($slug) && 1 < count($slug)) {
        array_pop($slug);
        $uri_offset = count($slug);
    }
    // Global the unfiltered offset to use in bp_core_load_template().
    // To avoid PHP warnings in bp_core_load_template(), it must always be >= 0
    $bp->unfiltered_uri_offset = $uri_offset >= 0 ? $uri_offset : 0;
    // We have an exact match
    if (isset($match->key)) {
        // Set current component to matched key
        $bp->current_component = $match->key;
        // If members component, do more work to find the actual component
        if ('members' == $match->key) {
            // Viewing a specific user
            if (!empty($bp_uri[$uri_offset + 1])) {
                // Switch the displayed_user based on compatibility mode.
                // The URI chunk is request-controlled; it is URL-decoded and
                // handed to the lookup helper, and the result is cast to int.
                if (bp_is_username_compatibility_mode()) {
                    $bp->displayed_user->id = (int) bp_core_get_userid(urldecode($bp_uri[$uri_offset + 1]));
                } else {
                    $bp->displayed_user->id = (int) bp_core_get_userid_from_nicename(urldecode($bp_uri[$uri_offset + 1]));
                }
                if (!bp_displayed_user_id()) {
                    // Prevent components from loading their templates
                    $bp->current_component = '';
                    bp_do_404();
                    return;
                }
                // If the displayed user is marked as a spammer, 404 unless the
                // logged-in user has the 'bp_moderate' capability. Users with
                // the capability get a warning message instead.
                if (bp_displayed_user_id() && bp_is_user_spammer(bp_displayed_user_id())) {
                    if (bp_current_user_can('bp_moderate')) {
                        bp_core_add_message(__('This user has been marked as a spammer. Only site admins can view this profile.', 'buddypress'), 'warning');
                    } else {
                        bp_do_404();
                        return;
                    }
                }
                // Bump the offset
                if (isset($bp_uri[$uri_offset + 2])) {
                    $bp_uri = array_merge(array(), array_slice($bp_uri, $uri_offset + 2));
                    $bp->current_component = $bp_uri[0];
                    // No component, so default will be picked later
                } else {
                    $bp_uri = array_merge(array(), array_slice($bp_uri, $uri_offset + 2));
                    $bp->current_component = '';
                }
                // Reset the offset
                $uri_offset = 0;
            }
        }
    }
    // Set the current action
    $bp->current_action = isset($bp_uri[$uri_offset + 1]) ? $bp_uri[$uri_offset + 1] : '';
    // Slice the rest of the $bp_uri array and reset offset
    $bp_uri = array_slice($bp_uri, $uri_offset + 2);
    $uri_offset = 0;
    // Store the remaining chunks (after the action) as the action variables
    $bp->action_variables = $bp_uri;
    // Remove the username from action variables if this is not a VHOST install
    // @todo - move or remove this all together
    // NOTE(review): this shifts the local $bp_uri after it was already copied
    // into $bp->action_variables, and $bp_uri is not read again below, so the
    // shift has no visible effect in this function.
    if (defined('VHOST') && 'no' == VHOST && empty($bp->current_component)) {
        array_shift($bp_uri);
    }
    // Reset the keys by merging with an empty array
    $bp->action_variables = array_merge(array(), $bp->action_variables);
}
Ejemplo n.º 9
        /**
         * Render the Status metabox for user's profile screen.
         *
         * Actions are:
         * - Update profile fields if xProfile component is active
         * - Spam/Unspam user
         *
         * This method only prints markup; the code that processes the
         * submitted `user_status` value is not part of it.
         *
         * @access public
         * @since BuddyPress (2.0.0)
         *
         * @param WP_User $user The WP_User object to be edited.
         */
        public function user_admin_status_metabox($user = null)
        {
            // Bail if no user ID is available.
            if (empty($user->ID)) {
                return;
            }
            // A user_status of 2 is treated here as "not activated": print a
            // notice and skip the rest of the metabox.
            if (isset($user->user_status) && 2 == $user->user_status) {
                echo '<p class="not-activated">' . esc_html__('User account has not yet been activated', 'buddypress') . '</p><br/>';
                return;
            }
            ?>

		<div class="submitbox" id="submitcomment">
			<div id="minor-publishing">
				<div id="misc-publishing-actions">
					<?php 
            /**
             * In configs where BuddyPress is not network activated, regular admins
             * cannot mark a user as a spammer on front end. This prevents them
             * from doing it in the backend.
             *
             * NOTE(review): the condition below looks only at
             * $this->subsite_activated and the 'manage_network_users'
             * capability. Nothing here checks whose profile is being edited,
             * so the radios may also be rendered for the current user's own
             * profile or for another administrator. Presumably that is
             * handled elsewhere; verify.
             *
             * NOTE(review): this only decides whether the radios are
             * rendered. Verify that the handler for `user_status` applies
             * the same checks.
             */
            ?>
					<?php 
            if (empty($this->subsite_activated) || !empty($this->subsite_activated) && current_user_can('manage_network_users')) {
                ?>
						<div class="misc-pub-section" id="comment-status-radio">
							<label class="approved"><input type="radio" name="user_status" value="ham" <?php 
                // Pre-select "Active" when the user is not flagged as a spammer.
                checked(bp_is_user_spammer($user->ID), false);
                ?>
><?php 
                esc_html_e('Active', 'buddypress');
                ?>
</label><br />
							<label class="spam"><input type="radio" name="user_status" value="spam" <?php 
                // Pre-select "Spammer" when the user is flagged.
                checked(bp_is_user_spammer($user->ID), true);
                ?>
><?php 
                esc_html_e('Spammer', 'buddypress');
                ?>
</label>
						</div>
					<?php 
            }
            ?>

					<div class="misc-pub-section curtime misc-pub-section-last">
						<?php 
            // translators: Publish box date format, see http://php.net/date
            $datef = __('M j, Y @ G:i', 'buddypress');
            $date = date_i18n($datef, strtotime($user->user_registered));
            ?>
						<span id="timestamp"><?php 
            // NOTE(review): the translated string carries its own <strong>
            // markup and is printed, together with $date, without escaping.
            printf(__('Registered on: <strong>%1$s</strong>', 'buddypress'), $date);
            ?>
</span>
					</div>
				</div> <!-- #misc-publishing-actions -->

				<div class="clear"></div>
			</div><!-- #minor-publishing -->

			<div id="major-publishing-actions">

				<div id="publishing-action">
					<a class="button bp-view-profile" href="<?php 
            // The profile URL is escaped for use inside the href attribute.
            echo esc_url(bp_core_get_user_domain($user->ID));
            ?>
" target="_blank"><?php 
            esc_html_e('View Profile', 'buddypress');
            ?>
</a>
					<?php 
            submit_button(esc_html__('Update Profile', 'buddypress'), 'primary', 'save', false, array('tabindex' => '4'));
            ?>
				</div>
				<div class="clear"></div>
			</div><!-- #major-publishing-actions -->

		</div><!-- #submitcomment -->

		<?php 
        }
Ejemplo n.º 10
/**
 * Adds an admin bar menu to any profile page providing site moderator actions
 * that allow capable users to clean up a users account.
 *
 * The menu is printed directly as an <li> element. It holds links to edit the
 * displayed user's profile (when xprofile is active) and avatar, to mark or
 * unmark the user as a spammer, and to delete the account.
 *
 * @package BuddyPress XProfile
 * @global $bp BuddyPress
 *
 * @return false|null False when no user is displayed, when the current user
 *                    lacks 'edit_users' or when viewing one's own profile;
 *                    otherwise nothing is returned.
 */
function bp_members_adminbar_admin_menu()
{
    global $bp;
    // Only show if viewing a user
    if (!bp_displayed_user_id()) {
        return false;
    }
    // Don't show this menu to non site admins or if you're viewing your own profile
    // NOTE(review): this check only hides the menu. The handlers behind the
    // linked URLs are outside this function; verify they check capabilities
    // as well.
    if (!current_user_can('edit_users') || bp_is_my_profile()) {
        return false;
    }
    ?>

	<li id="bp-adminbar-adminoptions-menu">

		<a href=""><?php 
    _e('Admin Options', 'buddypress');
    ?>
</a>

		<ul>
			<?php 
    // The profile edit link only makes sense when xprofile is active.
    if (bp_is_active('xprofile')) {
        ?>

				<li><a href="<?php 
        bp_members_component_link('profile', 'edit');
        ?>
"><?php 
        // The displayed user's full name is escaped before being placed in
        // the link text.
        printf(__("Edit %s's Profile", 'buddypress'), esc_attr($bp->displayed_user->fullname));
        ?>
</a></li>

			<?php 
    }
    ?>

			<li><a href="<?php 
    bp_members_component_link('profile', 'change-avatar');
    ?>
"><?php 
    printf(__("Edit %s's Avatar", 'buddypress'), esc_attr($bp->displayed_user->fullname));
    ?>
</a></li>

			<?php 
    // Offer the opposite of the user's current spam state.
    if (!bp_is_user_spammer(bp_displayed_user_id())) {
        ?>

				<li><a href="<?php 
        // State-changing link: the 'mark-unmark-spammer' nonce is attached to
        // the URL. NOTE(review): the receiving handler is not visible here;
        // it must verify this nonce.
        echo wp_nonce_url($bp->displayed_user->domain . 'admin/mark-spammer/', 'mark-unmark-spammer');
        ?>
" class="confirm"><?php 
        // NOTE(review): the format string has no placeholder, so the second
        // printf() argument is unused.
        printf(__("Mark as Spammer", 'buddypress'), esc_attr($bp->displayed_user->fullname));
        ?>
</a></li>

			<?php 
    } else {
        ?>

				<li><a href="<?php 
        // Same nonce action as the "mark" link above.
        echo wp_nonce_url($bp->displayed_user->domain . 'admin/unmark-spammer/', 'mark-unmark-spammer');
        ?>
" class="confirm"><?php 
        _e("Not a Spammer", 'buddypress');
        ?>
</a></li>

			<?php 
    }
    ?>

			<li><a href="<?php 
    // Account deletion link, carrying its own 'delete-user' nonce.
    echo wp_nonce_url($bp->displayed_user->domain . 'admin/delete-user/', 'delete-user');
    ?>
" class="confirm"><?php 
    printf(__("Delete %s's Account", 'buddypress'), esc_attr($bp->displayed_user->fullname));
    ?>
</a></li>

			<?php 
    // Let other code append its own items to the menu.
    do_action('bp_members_adminbar_admin_menu');
    ?>

		</ul>
	</li>

	<?php 
}
Ejemplo n.º 11
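/**
 * Add "Mark as Spam/Ham" button to user row actions.
 *
 * The link is only added when the current user may edit the row's user and
 * is not looking at their own row. Each link carries the 'bp-spam-user'
 * nonce.
 *
 * @since BuddyPress (2.0.0)
 *
 * @param array $actions User row action links.
 * @param object $user_object Current user information.
 * @return array $actions User row action links.
 */
function bp_core_admin_user_row_actions($actions, $user_object)
{
    // Normalise the ID once so the capability check, the self-comparison and
    // the query argument all work on the same integer.
    $user_id = empty($user_object->ID) ? 0 : absint($user_object->ID);

    if (current_user_can('edit_user', $user_id) && absint(bp_loggedin_user_id()) !== $user_id) {
        $url = bp_get_admin_url('users.php');

        if (bp_is_user_spammer($user_id)) {
            // Build the query with add_query_arg() instead of string
            // concatenation, then escape the URL and the label on output.
            $ham_url = wp_nonce_url(add_query_arg(array('action' => 'ham', 'user' => $user_id), $url), 'bp-spam-user');
            $actions['ham'] = "<a href='" . esc_url($ham_url) . "'>" . esc_html__('Not Spam', 'buddypress') . '</a>';
        } else {
            $spam_url = wp_nonce_url(add_query_arg(array('action' => 'spam', 'user' => $user_id), $url), 'bp-spam-user');
            $actions['spam'] = "<a class='submitdelete' href='" . esc_url($spam_url) . "'>" . esc_html__('Mark as Spam', 'buddypress') . '</a>';
        }
    }

    return $actions;
}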
Ejemplo n.º 12
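/**
 * Adds the User Admin top-level menu to user pages
 *
 * The menu is only built while a user profile is being viewed, for a current
 * user holding the 'edit_users' capability, and never on one's own profile.
 * It offers profile/avatar editing, spam/unspam and account deletion.
 *
 * The spam and delete links are state-changing GET URLs. wp_nonce_url() only
 * appends the token to them; the handlers that must verify it are not part of
 * this function.
 *
 * @package BuddyPress
 * @since 1.5
 *
 * @return false|void False when the menu is not applicable, otherwise nothing.
 */
function bp_members_admin_bar_user_admin_menu()
{
    global $bp, $wp_admin_bar;
    // Only show if viewing a user
    if (!bp_is_user()) {
        return false;
    }
    // Don't show this menu to non site admins or if you're viewing your own profile
    if (!current_user_can('edit_users') || bp_is_my_profile()) {
        return false;
    }
    // User avatar
    $avatar = bp_core_fetch_avatar(array('item_id' => bp_displayed_user_id(), 'email' => $bp->displayed_user->userdata->user_email, 'width' => 16, 'height' => 16));
    // Unique ID for the 'My Account' menu
    $bp->user_admin_menu_id = !empty($avatar) ? 'user-admin-with-avatar' : 'user-admin';
    // Add the top-level User Admin button
    $wp_admin_bar->add_menu(array('id' => $bp->user_admin_menu_id, 'title' => $avatar . bp_get_displayed_user_fullname(), 'href' => bp_displayed_user_domain()));
    // User Admin > Edit this user's profile
    $wp_admin_bar->add_menu(array('parent' => $bp->user_admin_menu_id, 'id' => 'edit-profile', 'title' => __("Edit Profile", 'buddypress'), 'href' => bp_get_members_component_link('profile', 'edit')));
    // User Admin > Edit this user's avatar
    $wp_admin_bar->add_menu(array('parent' => $bp->user_admin_menu_id, 'id' => 'change-avatar', 'title' => __("Edit Avatar", 'buddypress'), 'href' => bp_get_members_component_link('profile', 'change-avatar')));
    // The onclick handlers below must *return* the result of confirm():
    // a bare confirm() call discards the answer, so choosing "Cancel" would
    // still follow the link and carry out the action.
    // User Admin > Spam/unspam
    if (!bp_is_user_spammer(bp_displayed_user_id())) {
        $wp_admin_bar->add_menu(array('parent' => $bp->user_admin_menu_id, 'id' => 'spam-user', 'title' => __('Mark as Spammer', 'buddypress'), 'href' => wp_nonce_url(bp_displayed_user_domain() . 'admin/mark-spammer/', 'mark-unmark-spammer'), 'meta' => array('onclick' => 'return confirm(" ' . __('Are you sure you want to mark this user as a spammer?', 'buddypress') . '");')));
    } else {
        $wp_admin_bar->add_menu(array('parent' => $bp->user_admin_menu_id, 'id' => 'unspam-user', 'title' => __('Not a Spammer', 'buddypress'), 'href' => wp_nonce_url(bp_displayed_user_domain() . 'admin/unmark-spammer/', 'mark-unmark-spammer'), 'meta' => array('onclick' => 'return confirm(" ' . __('Are you sure you want to mark this user as not a spammer?', 'buddypress') . '");')));
    }
    // User Admin > Delete Account
    $wp_admin_bar->add_menu(array('parent' => $bp->user_admin_menu_id, 'id' => 'delete-user', 'title' => __('Delete Account', 'buddypress'), 'href' => wp_nonce_url(bp_displayed_user_domain() . 'admin/delete-user/', 'delete-user'), 'meta' => array('onclick' => 'return confirm(" ' . __("Are you sure you want to delete this user's account?", 'buddypress') . '");')));
}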
Ejemplo n.º 13
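    /**
     * Print the users view: the custom query form, then the table of matching users.
     *
     * The form is pre-filled from the current request ($_GET: active_filters,
     * filters, order, per_page). Request values that are echoed back into the
     * markup are reduced to a scalar string and passed through esc_attr(), so a
     * crafted query string cannot break out of the attribute it is printed in.
     * The result set and the paging figures come from $this->query_users().
     */
    function view_users()
    {
        global $bp;
        $chk = ' checked="checked"';
        // Both values end up inside value='...' attributes below. Anything that
        // is not a plain scalar (e.g. filters[user][]=x) falls back to the
        // default instead of being cast to the string "Array".
        $user_filter = (empty($_GET['filters']['user']) || !is_scalar($_GET['filters']['user'])) ? '' : (string) $_GET['filters']['user'];
        $limit_value = (empty($_GET['per_page']) || !is_scalar($_GET['per_page'])) ? '20' : (string) $_GET['per_page'];
        ?>
		<form id="bpmod-users-query" class="bpmod-form-query" action="admin.php"
			  method="get">
			<input type="hidden" name="page" value="bp-moderation"/>
			<input type="hidden" name="view" value="users"/>
			<fieldset>
				<legend><?php _e('Custom Query', 'bp-moderation'); ?></legend>
				<div class="column">
					<h4><?php _e('Filters', 'bp-moderation'); ?></h4>
					<dt>
						<input
							id='filter-user' <?php echo isset($_GET['active_filters']['user']) ? $chk : ''; ?> name='active_filters[user]' type='checkbox'/>
						<label
							for='filter-user'><?php _e('Specific users', 'bp-moderation'); ?></label>
					</dt>
					<dd>
						<input id='user' class='line' size='40' type='text'
							   name='filters[user]' value='<?php echo esc_attr($user_filter); ?>'/>
						<label
							for='user'><?php _e('User ids (comma separeted)', 'bp-moderation'); ?></label>
					</dd>
					<?php
        // Each entry: slug, checkbox label, description with a %s placeholder
        // that receives the numeric threshold input.
        $filters = array(
            array('own_flags', __('Total flags on own contents', 'bp-moderation'), __('Own contents have been flagged for a total of at least %s flags', 'bp-moderation')),
            array('own_contents', __('Total own contents reported', 'bp-moderation'), __('Own contents have been reported at least %s times', 'bp-moderation')),
            array('own_ignored', __('Ignored own contents', 'bp-moderation'), __('Own contents have been ignored at least %s times', 'bp-moderation')),
            array('own_moderated', __('Moderated own contents', 'bp-moderation'), __('Own contents have been moderated at least %s times', 'bp-moderation')),
            array('others_contents', __('Total contents reported by user', 'bp-moderation'), __('User has been reported at least %s contents', 'bp-moderation')),
            array('others_ignored', __('Ignored contents reported by user', 'bp-moderation'), __('Contents reported by user have been ignored at least %s times', 'bp-moderation')),
            array('others_moderated', __('Moderated contents reported by user', 'bp-moderation'), __('Contents reported by user have been moderated at least %s times', 'bp-moderation')),
        );
        foreach ($filters as $filter) {
            list($slug, $title, $desc) = $filter;
            // checked() prints the attribute itself; echoing its return value
            // as well emitted the attribute twice.
            ?>
						<dt>
							<input
								id='filter-<?php echo $slug; ?>' <?php checked('on', @$_GET['active_filters'][$slug]); ?> name='active_filters[<?php echo $slug; ?>]'
								type='checkbox'/>
							<label
								for='filter-<?php echo $slug; ?>'><?php echo $title; ?></label>
						</dt>
						<dd>
							<label
								for='<?php echo $slug; ?>'><?php
            // The threshold is forced to an integer before it is printed.
            echo sprintf($desc, "<input id='{$slug}' size='4' type='text' name='filters[{$slug}]' value='" . (int) @$_GET['filters'][$slug] . "' />");
            ?></label>
						</dd>

					<?php
        }
        ?>
				</div>
				<div class="column">
					<h4 class="order-by"><?php _e('Order', 'bp-moderation'); ?></h4>
					<ol class="order-by">
						<?php
        // Sortable columns: option value => translated label.
        $order_fields = array(
            'none' => __('none', 'bp-moderation'),
            'own_contents' => __('total own contents reported', 'bp-moderation'),
            'own_new' => __('pending own contents', 'bp-moderation'),
            'own_ignored' => __('ignored own contents', 'bp-moderation'),
            'own_moderated' => __('moderated own contents', 'bp-moderation'),
            'own_flags' => __('total flags on own contents', 'bp-moderation'),
            'others_contents' => __('total contents reported by user', 'bp-moderation'),
            'others_new' => __('pending contents reported by user', 'bp-moderation'),
            'others_ignored' => __('ignored contents reported by user', 'bp-moderation'),
            'others_moderated' => __('moderated contents reported by user', 'bp-moderation'),
        );
        // One row per order[] entry in the request, and always at least one.
        $i = 0;
        while (0 == $i || !empty($_GET['order'][$i])) {
            // $orby is only compared against the fixed option values, never printed.
            $orby = empty($_GET['order'][$i]['by']) ? 'none' : $_GET['order'][$i]['by'];
            $asc = 'DESC' == @$_GET['order'][$i]['dir'] ? 'DESC' : 'ASC';
            // The commented-out pre-XTEC copy of this <select> was dropped: PHP
            // inside an HTML comment still executes, so it rendered a second,
            // hidden copy of the option list on every pass.
            ?>
							<li><?php _e('Order by', 'bp-moderation'); ?>

<!-- XTEC ************ MODIFICAT - Fixed translation of strings -->
<!-- 2014.11.06 @aginard -->

								<select name="order[<?php echo $i; ?>][by]">
<?php
            foreach ($order_fields as $field => $label) {
                ?>
									<option<?php selected($field, $orby); ?> value="<?php echo $field; ?>"><?php echo $label; ?></option>
<?php
            }
            ?>
								</select>

								<select name="order[<?php echo $i; ?>][dir]">
									<option<?php selected('ASC', $asc); ?> value="ASC">ASC
									</option>
									<option<?php selected('DESC', $asc); ?> value="DESC">DESC
									</option>
								</select>
							</li>
							<?php
            $i++;
        }
        ?>
					</ol>
					<h4><?php _e('Limit', 'bp-moderation'); ?></h4>

					<p><label for='limit'><?php
        $input = "<input id='limit' size='4' type='text' name='per_page' value='" . esc_attr($limit_value) . "' />";
        echo sprintf(__('Display at most %s users', 'bp-moderation'), $input);
        ?></label>
					</p>
					<input name="submit" type="submit" class="button-primary"
						   value="<?php _e('Query Users', 'bp-moderation'); ?>"/>
				</div>
			</fieldset>
		</form>
		<div class="clear"></div>
		<?php
        // NOTE(review): extract() turns every key returned by query_users() into
        // a local variable; $total, $per_page, $page_index and $results are the
        // ones used below. query_users() is not visible here - confirm that its
        // keys are fixed and never derived from request data.
        extract($this->query_users());
        if ($total) {
            $page_links = paginate_links(array('base' => add_query_arg('page', '%#%'), 'format' => '', 'prev_text' => __('&laquo;'), 'next_text' => __('&raquo;'), 'total' => ceil($total / $per_page), 'current' => $page_index + 1));
            ?>
			<form id="bpmod-users-form" class="bpmod-bulk-form" action="admin.php"
				  method="post">
				<div class="tablenav">
					<div class="alignleft actions">
						<select name="bulk-action">
							<option value="-1"
									selected="selected"><?php _e('Bulk Actions', 'bp-moderation'); ?></option>
							<option
								value="mark_spammer"><?php _e('Mark users as spammers', 'bp-moderation'); ?></option>
							<option
								value="unmark_spammer"><?php _e('Mark users as not spammers', 'bp-moderation'); ?></option>
						</select>
						<input type="hidden" name="bpmod-action"
							   value="bulk_users"/>
						<?php
            // Nonce for the bulk action; the handler that verifies it is not in this method.
            wp_nonce_field('bulk_users');
            ?>
						<input type="submit" name="doaction" id="doaction"
							   value="<?php esc_attr_e('Apply', 'bp-moderation'); ?>"
							   class="button-secondary apply"/>
					</div>
					<div class="tablenav-pages"><?php
            if ($page_links) {
                echo '<span class="displaying-num">' . sprintf(__('Displaying %s&#8211;%s of %s', 'bp-moderation'), number_format_i18n($page_index * $per_page + 1), number_format_i18n(min(($page_index + 1) * $per_page, $total)), '<span class="total-type-count">' . number_format_i18n($total) . '</span>') . "</span>{$page_links}";
            }
            ?></div>
				</div>
				<div class="clear"></div>
				<table id="bpmod-users-table" class="widefat bpmod-table fixed"
					   cellspacing="0">
					<thead>
					<tr>
						<th class="manage-column column-cb check-column"
							scope="col"><input type="checkbox"></th>
						<th class="manage-column column-author"
							scope="col"><?php _e('User', 'bp-moderation'); ?></th>
						<th class="manage-column column-own-contents"
							scope="col"><?php _e('Own contents reported by others', 'bp-moderation'); ?></th>
						<th class="manage-column column-other-contents"
							scope="col"><?php _e('Contents reported by user', 'bp-moderation'); ?></th>
					</tr>
					</thead>
					<tfoot>
					<tr>
						<th class="manage-column column-cb check-column"
							scope="col"><input type="checkbox"></th>
						<th class="manage-column column-author"
							scope="col"><?php _e('User', 'bp-moderation'); ?></th>
						<th class="manage-column column-own-contents"
							scope="col"><?php _e('Own contents reported by others', 'bp-moderation'); ?></th>
						<th class="manage-column column-other-contents"
							scope="col"><?php _e('Contents reported by user', 'bp-moderation'); ?></th>
					</tr>
					</tfoot>

					<tbody>
					<?php
            // NOTE(review): the $user->* fields and the $author[...] fragments are
            // printed exactly as query_users() and author_details() return them.
            // Neither helper is visible here - confirm they return integers and
            // already-escaped markup respectively.
            foreach ($results as $user) {
                $author = $this->author_details($user->user_id);
                ?>
						<tr class="">
							<th class="check-column"
								scope="row"><input
									type="checkbox"
									value="<?php echo $user->user_id; ?>"
									name="bulk_items[]"></th>
							<td class="column-author">
								<strong><?php echo $author['avatar_img'] . $author['user_link']; ?></strong>
								<br><?php echo $author['contact_link']; ?>
								<div class="row-actions">
									<?php
                if (!get_userdata($user->user_id)) {
                    ?>
										<span
											class="not-a-member"><?php _e('Unregistered', 'bp-moderation'); ?></span>
									<?php
                } elseif (bp_is_user_spammer($user->user_id)) {
                    ?>
										<a class="unmark-spammer vim-u"
										   href="<?php echo wp_nonce_url("admin.php?bpmod-action=mark_unmark_spammer&user_id={$user->user_id}&set_spam=0", 'mark_unmark_spammer'); ?>"
										   title="<?php _e('Mark the author of this content as not spammer', 'bp-moderation'); ?>"><?php _e('Mark as not spammer', 'bp-moderation'); ?></a>
									<?php
                } else {
                    ?>
										<a class="mark-spammer vim-s"
										   href="<?php echo wp_nonce_url("admin.php?bpmod-action=mark_unmark_spammer&user_id={$user->user_id}&set_spam=1", 'mark_unmark_spammer'); ?>"
										   title="<?php _e('Mark the author of this content as spammer', 'bp-moderation'); ?>"><?php _e('Mark as spammer', 'bp-moderation'); ?></a>
									<?php
                }
                ?>
								</div>
							</td>
							<td class="column-own-contents">
								<?php
                echo sprintf(_n('%d content from this user has been reported', '%d contents from this user have been reported', $user->own_contents, 'bp-moderation'), $user->own_contents);
                if ($user->own_contents) {
                    ?>

									<br/>
									<strong><?php _e('New:', 'bp-moderation'); ?></strong> <?php echo $user->own_new; ?>
									<strong><?php _e('Ignored:', 'bp-moderation'); ?></strong> <?php echo $user->own_ignored; ?>
									<strong><?php _e('Moderated:', 'bp-moderation'); ?></strong> <?php echo $user->own_moderated; ?>
									<strong><?php _e('Total flags:', 'bp-moderation'); ?></strong> <?php
                    echo $user->own_flags;
                }
                ?>
								<div class="row-actions">
									<a class="vim-b"
									   href="admin.php?page=bp-moderation&amp;view=contents&amp;filters[active_filters][item_author]=on&amp;filters[item_author]=<?php echo $user->user_id; ?>"
									   title="<?php _e('Show the contents from this user that have been reported in the contents view', 'bp-moderation'); ?>"><?php _e('Show in contents view', 'bp-moderation'); ?></a>
								</div>

							</td>
							<td class="column-other-contents">
								<?php
                echo sprintf(_n('this user reported %d content', 'this user reported %d contents', $user->others_contents, 'bp-moderation'), $user->others_contents);
                if ($user->others_contents) {
                    ?>

									<br/>
									<strong><?php _e('New:', 'bp-moderation'); ?></strong> <?php echo $user->others_new; ?>
									<strong><?php _e('Ignored:', 'bp-moderation'); ?></strong> <?php echo $user->others_ignored; ?>
									<strong><?php _e('Moderated:', 'bp-moderation'); ?></strong> <?php
                    echo $user->others_moderated;
                }
                ?>
								<div class="row-actions">
									<a class="vim-g"
									   href="admin.php?page=bp-moderation&amp;view=contents&amp;filters[active_filters][reporters]=on&amp;filters[reporters]=<?php echo $user->user_id; ?>"
									   title="<?php _e('Show the contents from this user that have been reported in the contents view', 'bp-moderation'); ?>"><?php _e('Show in contents view', 'bp-moderation'); ?></a>
								</div>

							</td>
						</tr>
					<?php
            }
            ?>
					</tbody>
				</table>
			</form>

			<?php
            $this->print_hotkeys_toggle();
            ?>

		<?php
        } else {
            _e('No users to display, try a different search', 'bp-moderation');
        }
    }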
Ejemplo n.º 14
 /**
  * Register the xProfile metaboxes shown on the Community Profile admin page.
  *
  * One metabox is added per profile field group when the user is not flagged
  * as a spammer and bp_has_profile() reports groups; in every other case a
  * single "User marked as a spammer" metabox is added instead. The avatar
  * metabox is always added, and the stats metabox object is pointed at the
  * low-priority side column.
  *
  * @access public
  * @since BuddyPress (2.0.0)
  *
  * @param int $user_id ID of the user being edited.
  * @param string $screen_id Screen ID to load the metabox in.
  * @param object $stats_metabox Context and priority for the stats metabox.
  */
 public function register_metaboxes($user_id = 0, $screen_id = '', $stats_metabox = null)
 {
     // Fall back to the members admin user page when no screen was given.
     $screen_id = empty($screen_id) ? buddypress()->members->admin->user_page : $screen_id;
     if (empty($stats_metabox)) {
         $stats_metabox = new StdClass();
     }
     // Moving the Stats Metabox
     $stats_metabox->priority = 'low';
     $stats_metabox->context = 'side';
     $has_groups = false == bp_is_user_spammer($user_id) && bp_has_profile(array('fetch_fields' => false));
     if (!$has_groups) {
         // Spammer (or no profile groups reported): a single placeholder box.
         $spammer_title = _x('User marked as a spammer', 'xprofile user-admin edit screen', 'buddypress');
         add_meta_box('bp_xprofile_user_admin_empty_profile', $spammer_title, array(&$this, 'user_admin_spammer_metabox'), $screen_id, 'normal', 'core');
     } else {
         // Each group of fields gets its own metabox.
         while (bp_profile_groups()) {
             bp_the_profile_group();
             $box_id = 'bp_xprofile_user_admin_fields_' . sanitize_key(bp_get_the_profile_group_slug());
             $box_title = esc_html(bp_get_the_profile_group_name());
             $box_args = array('profile_group_id' => absint(bp_get_the_profile_group_id()));
             add_meta_box($box_id, $box_title, array(&$this, 'user_admin_profile_metaboxes'), $screen_id, 'normal', 'core', $box_args);
         }
     }
     // Avatar Metabox
     $avatar_title = _x('Avatar', 'xprofile user-admin edit screen', 'buddypress');
     add_meta_box('bp_xprofile_user_admin_avatar', $avatar_title, array(&$this, 'user_admin_avatar_metabox'), $screen_id, 'side', 'low');
 }
Ejemplo n.º 15
/**
 * Analyze the URI and break it down into BuddyPress-usable chunks.
 *
 * BuddyPress can use complete custom friendly URIs without the user having to
 * add new rewrite rules. Custom components are able to use their own custom
 * URI structures with very little work.
 *
 * The URIs are broken down as follows:
 *   - http:// example.com / members / andy / [current_component] / [current_action] / [action_variables] / [action_variables] / ...
 *   - OUTSIDE ROOT: http:// example.com / sites / buddypress / members / andy / [current_component] / [current_action] / [action_variables] / [action_variables] / ...
 *
 *	Example:
 *    - http://example.com/members/andy/profile/edit/group/5/
 *    - $bp->current_component: string 'xprofile'
 *    - $bp->current_action: string 'edit'
 *    - $bp->action_variables: array ['group', 5]
 *
 * The path being parsed is client-supplied (REQUEST_URI or the referer path),
 * so every chunk stored on $bp by this function is untrusted input for the
 * code that reads it later.
 *
 * @since 1.0.0
 *
 * @return false|void False when the request is left to WordPress (non-root
 *                    blog, no BuddyPress page matched, or a front-page
 *                    search); nothing on the 404 paths, when no page slugs
 *                    exist, and on normal completion.
 */
function bp_core_set_uri_globals()
{
    global $current_blog, $wp_rewrite;
    // Don't catch URIs on non-root blogs unless multiblog mode is on.
    if (!bp_is_root_blog() && !bp_is_multiblog_mode()) {
        return false;
    }
    $bp = buddypress();
    // Define local variables.
    $root_profile = $match = false;
    $key_slugs = $matches = $uri_chunks = array();
    // Fetch all the WP page names for each component.
    if (empty($bp->pages)) {
        $bp->pages = bp_core_get_directory_pages();
    }
    // Ajax or not?
    // strpos() is used for its truthiness here, so a match at offset 0 would
    // read as "not found".
    if (defined('DOING_AJAX') && DOING_AJAX || strpos($_SERVER['REQUEST_URI'], 'wp-load.php')) {
        $path = bp_get_referer_path();
    } else {
        // The raw request URI is passed through esc_url() before it is split.
        $path = esc_url($_SERVER['REQUEST_URI']);
    }
    /**
     * Filters the BuddyPress global URI path.
     *
     * @since 1.0.0
     *
     * @param string $path Path to set.
     */
    $path = apply_filters('bp_uri', $path);
    // Take GET variables off the URL to avoid problems.
    $path = strtok($path, '?');
    // Fetch current URI and explode each part separated by '/' into an array.
    $bp_uri = explode('/', $path);
    // Loop and remove empties.
    foreach ((array) $bp_uri as $key => $uri_chunk) {
        if (empty($bp_uri[$key])) {
            unset($bp_uri[$key]);
        }
    }
    // If running off blog other than root, any subdirectory names must be
    // removed from $bp_uri. This includes two cases:
    //
    // 1. when WP is installed in a subdirectory,
    // 2. when BP is running on secondary blog of a subdirectory
    // multisite installation. Phew!
    if (is_multisite() && !is_subdomain_install() && (bp_is_multiblog_mode() || 1 != bp_get_root_blog_id())) {
        // Blow chunks.
        $chunks = explode('/', $current_blog->path);
        // If chunks exist...
        if (!empty($chunks)) {
            // ...loop through them...
            foreach ($chunks as $key => $chunk) {
                // Non-strict search: chunks are compared with ==.
                $bkey = array_search($chunk, $bp_uri);
                // ...and unset offending keys
                if (false !== $bkey) {
                    unset($bp_uri[$bkey]);
                }
                $bp_uri = array_values($bp_uri);
            }
        }
    }
    // Get site path items.
    $paths = explode('/', bp_core_get_site_path());
    // Take empties off the end of path.
    if (empty($paths[count($paths) - 1])) {
        array_pop($paths);
    }
    // Take empties off the start of path.
    if (empty($paths[0])) {
        array_shift($paths);
    }
    // Reset indexes.
    $bp_uri = array_values($bp_uri);
    $paths = array_values($paths);
    // Unset URI indices if they intersect with the paths.
    foreach ((array) $bp_uri as $key => $uri_chunk) {
        if (isset($paths[$key]) && $uri_chunk == $paths[$key]) {
            unset($bp_uri[$key]);
        }
    }
    // Reset the keys by merging with an empty array.
    $bp_uri = array_merge(array(), $bp_uri);
    // If a component is set to the front page, force its name into $bp_uri
    // so that $current_component is populated (unless a specific WP post is being requested
    // via a URL parameter, usually signifying Preview mode).
    if ('page' == get_option('show_on_front') && get_option('page_on_front') && empty($bp_uri) && empty($_GET['p']) && empty($_GET['page_id'])) {
        $post = get_post(get_option('page_on_front'));
        if (!empty($post)) {
            $bp_uri[0] = $post->post_name;
        }
    }
    // Keep the unfiltered URI safe.
    $bp->unfiltered_uri = $bp_uri;
    // Don't use $bp_unfiltered_uri, this is only for backward compatibility with old plugins. Use $bp->unfiltered_uri.
    $GLOBALS['bp_unfiltered_uri'] =& $bp->unfiltered_uri;
    // Get slugs of pages into array.
    foreach ((array) $bp->pages as $page_key => $bp_page) {
        $key_slugs[$page_key] = trailingslashit('/' . $bp_page->slug);
    }
    // Bail if keyslugs are empty, as BP is not set up correctly.
    if (empty($key_slugs)) {
        return;
    }
    // Loop through page slugs and look for exact match to path.
    foreach ($key_slugs as $key => $slug) {
        if ($slug == $path) {
            $match = $bp->pages->{$key};
            $match->key = $key;
            $matches[] = 1;
            break;
        }
    }
    // No exact match, so look for partials.
    if (empty($match)) {
        // Loop through each page in the $bp->pages global.
        foreach ((array) $bp->pages as $page_key => $bp_page) {
            // Look for a match (check members first).
            if (in_array($bp_page->name, (array) $bp_uri)) {
                // Match found, now match the slug to make sure.
                $uri_chunks = explode('/', $bp_page->slug);
                // Loop through uri_chunks.
                foreach ((array) $uri_chunks as $key => $uri_chunk) {
                    // Make sure chunk is in the correct position.
                    if (!empty($bp_uri[$key]) && $bp_uri[$key] == $uri_chunk) {
                        $matches[] = 1;
                        // No match.
                    } else {
                        $matches[] = 0;
                    }
                }
                // Have a match.
                if (!in_array(0, (array) $matches)) {
                    $match = $bp_page;
                    $match->key = $page_key;
                    break;
                }
                // Unset matches.
                unset($matches);
            }
            // Unset uri chunks.
            unset($uri_chunks);
        }
    }
    // URLs with BP_ENABLE_ROOT_PROFILES enabled won't be caught above.
    if (empty($matches) && bp_core_enable_root_profiles()) {
        // Switch field based on compat.
        $field = bp_is_username_compatibility_mode() ? 'login' : 'slug';
        // Make sure there's a user corresponding to $bp_uri[0].
        if (!empty($bp->pages->members) && !empty($bp_uri[0]) && ($root_profile = get_user_by($field, $bp_uri[0]))) {
            // Force BP to recognize that this is a members page.
            $matches[] = 1;
            $match = $bp->pages->members;
            $match->key = 'members';
        }
    }
    // Search doesn't have an associated page, so we check for it separately.
    if (!empty($bp_uri[0]) && bp_get_search_slug() == $bp_uri[0]) {
        $matches[] = 1;
        $match = new stdClass();
        $match->key = 'search';
        $match->slug = bp_get_search_slug();
    }
    // This is not a BuddyPress page, so just return.
    if (empty($matches)) {
        return false;
    }
    $wp_rewrite->use_verbose_page_rules = false;
    // Find the offset. With $root_profile set, we fudge the offset down so later parsing works.
    $slug = !empty($match) ? explode('/', $match->slug) : '';
    $uri_offset = empty($root_profile) ? 0 : -1;
    // Rejig the offset.
    if (!empty($slug) && 1 < count($slug)) {
        // Only offset if not on a root profile. Fixes issue when Members page is nested.
        if (false === $root_profile) {
            array_pop($slug);
            $uri_offset = count($slug);
        }
    }
    // Global the unfiltered offset to use in bp_core_load_template().
    // To avoid PHP warnings in bp_core_load_template(), it must always be >= 0.
    $bp->unfiltered_uri_offset = $uri_offset >= 0 ? $uri_offset : 0;
    // We have an exact match.
    if (isset($match->key)) {
        // Set current component to matched key.
        $bp->current_component = $match->key;
        // If members component, do more work to find the actual component.
        if ('members' == $match->key) {
            $after_member_slug = false;
            if (!empty($bp_uri[$uri_offset + 1])) {
                $after_member_slug = $bp_uri[$uri_offset + 1];
            }
            // Are we viewing a specific user?
            if ($after_member_slug) {
                // If root profile, we've already queried for the user.
                if ($root_profile instanceof WP_User) {
                    $bp->displayed_user->id = $root_profile->ID;
                    // Switch the displayed_user based on compatibility mode.
                } elseif (bp_is_username_compatibility_mode()) {
                    // The slug is URL-decoded before the lookup in this mode only.
                    $bp->displayed_user->id = (int) bp_core_get_userid(urldecode($after_member_slug));
                } else {
                    $bp->displayed_user->id = (int) bp_core_get_userid_from_nicename($after_member_slug);
                }
            }
            // Is this a member type directory?
            if (!bp_displayed_user_id() && $after_member_slug === apply_filters('bp_members_member_type_base', _x('type', 'member type URL base', 'buddypress')) && !empty($bp_uri[$uri_offset + 2])) {
                $matched_types = bp_get_member_types(array('has_directory' => true, 'directory_slug' => $bp_uri[$uri_offset + 2]));
                if (!empty($matched_types)) {
                    $bp->current_member_type = reset($matched_types);
                    unset($bp_uri[$uri_offset + 1]);
                }
            }
            // If the slug matches neither a member type nor a specific member, 404.
            if (!bp_displayed_user_id() && !bp_get_current_member_type() && $after_member_slug) {
                // Prevent components from loading their templates.
                $bp->current_component = '';
                bp_do_404();
                return;
            }
            // If the displayed user is marked as a spammer, 404 unless the
            // current user has the 'bp_moderate' capability; moderators see the
            // profile with a warning notice instead.
            if (bp_displayed_user_id() && bp_is_user_spammer(bp_displayed_user_id())) {
                if (bp_current_user_can('bp_moderate')) {
                    bp_core_add_message(__('This user has been marked as a spammer. Only site admins can view this profile.', 'buddypress'), 'warning');
                } else {
                    bp_do_404();
                    return;
                }
            }
            // Bump the offset.
            if (bp_displayed_user_id()) {
                if (isset($bp_uri[$uri_offset + 2])) {
                    $bp_uri = array_merge(array(), array_slice($bp_uri, $uri_offset + 2));
                    $bp->current_component = $bp_uri[0];
                    // No component, so default will be picked later.
                } else {
                    $bp_uri = array_merge(array(), array_slice($bp_uri, $uri_offset + 2));
                    $bp->current_component = '';
                }
                // Reset the offset.
                $uri_offset = 0;
            }
        }
    }
    // Determine the current action.
    $current_action = isset($bp_uri[$uri_offset + 1]) ? $bp_uri[$uri_offset + 1] : '';
    /*
     * If a BuddyPress directory is set to the WP front page, URLs like example.com/members/?s=foo
     * shouldn't interfere with blog searches.
     */
    if (empty($current_action) && !empty($_GET['s']) && 'page' == get_option('show_on_front') && !empty($match->id)) {
        $page_on_front = (int) get_option('page_on_front');
        if ((int) $match->id === $page_on_front) {
            $bp->current_component = '';
            return false;
        }
    }
    $bp->current_action = $current_action;
    // Slice the rest of the $bp_uri array and reset offset.
    $bp_uri = array_slice($bp_uri, $uri_offset + 2);
    $uri_offset = 0;
    // Set the entire URI as the action variables, we will unset the current_component and action in a second.
    $bp->action_variables = $bp_uri;
    // Reset the keys by merging with an empty array.
    $bp->action_variables = array_merge(array(), $bp->action_variables);
}
/**
 * Process the member "Capabilities" settings form (spam / ham status).
 *
 * Nothing happens unless the request is a POST carrying 'capabilities-submit'
 * on the settings component's 'capabilities' action. Extra action variables
 * produce a 404. The status change is limited to super admins acting on
 * another member's profile, and the 'capabilities' nonce is verified before
 * anything is written.
 *
 * @since 1.6.0
 */
function bp_settings_action_capabilities()
{
    // Ignore everything except a submitted POST of this form.
    if (strtoupper($_SERVER['REQUEST_METHOD']) !== 'POST' || !isset($_POST['capabilities-submit'])) {
        return;
    }
    // Not the settings component's "capabilities" action.
    if (!(bp_is_settings_component() && bp_is_current_action('capabilities'))) {
        return false;
    }
    // Trailing URL segments are not part of this screen.
    if (bp_action_variables()) {
        bp_do_404();
        return;
    }
    // Authorization: super admins only, and never against their own account.
    if (!is_super_admin() || bp_is_my_profile()) {
        return;
    }
    // CSRF protection: the 'capabilities' nonce must be valid before any
    // hook fires or any state changes.
    check_admin_referer('capabilities');
    /**
     * Fires before the capabilities settings have been saved.
     *
     * @since 1.6.0
     */
    do_action('bp_settings_capabilities_before_save');
    /* Spam **************************************************************/
    // The checkbox is only present in the POST body when it is ticked.
    $mark_as_spam = !empty($_POST['user-spammer']);
    // Only touch the account when the requested state differs from the stored one.
    if (bp_is_user_spammer(bp_displayed_user_id()) != $mark_as_spam) {
        $status = $mark_as_spam ? 'spam' : 'ham';
        bp_core_process_spammer_status(bp_displayed_user_id(), $status);
        /**
         * Fires after processing a user as a spammer.
         *
         * @since 1.1.0
         *
         * @param int    $value  ID of the currently displayed user.
         * @param string $status Determined status of "spam" or "ham" for the displayed user.
         */
        do_action('bp_core_action_set_spammer_status', bp_displayed_user_id(), $status);
    }
    /* Other *************************************************************/
    /**
     * Fires after the capabilities settings have been saved and before redirect.
     *
     * @since 1.6.0
     */
    do_action('bp_settings_capabilities_after_save');
    // Send the admin back to the displayed member's capabilities screen.
    $return_url = bp_displayed_user_domain() . bp_get_settings_slug() . '/capabilities/';
    bp_core_redirect($return_url);
}
 /**
  * Add the xProfile metaboxes to the Community Profile admin screen.
  *
  * One metabox is registered per profile field group. When the user is
  * flagged as a spammer, or bp_has_profile() reports nothing to show, a
  * single "User marked as a spammer" metabox is registered instead. The
  * avatar metabox follows when avatars are enabled.
  *
  * @since 2.0.0
  *
  * @param int         $user_id       ID of the user being edited.
  * @param string      $screen_id     Screen ID to load the metabox in.
  * @param object|null $stats_metabox Context and priority for the stats metabox.
  */
 public function register_metaboxes($user_id = 0, $screen_id = '', $stats_metabox = null)
 {
     // Fall back to the members admin user page when no screen was given.
     if (!$screen_id) {
         $screen_id = buddypress()->members->admin->user_page;
     }
     // Start from an empty object when the caller supplied none.
     if (!$stats_metabox) {
         $stats_metabox = new StdClass();
     }
     // Move the stats metabox to the side column, low priority.
     $stats_metabox->context = 'side';
     $stats_metabox->priority = 'low';
     $query = array('fetch_fields' => false, 'user_id' => $user_id);
     if (bp_is_user_spammer($user_id) || !bp_has_profile($query)) {
         // Spammer (or no profile data): show the generic metabox only.
         add_meta_box(
             'bp_xprofile_user_admin_empty_profile',
             _x('User marked as a spammer', 'xprofile user-admin edit screen', 'buddypress'),
             array($this, 'user_admin_spammer_metabox'),
             $screen_id,
             'normal',
             'core'
         );
     } else {
         // One metabox per field group.
         while (bp_profile_groups()) {
             bp_the_profile_group();
             // The slug goes through sanitize_key() and the title through
             // esc_html() before they reach the metabox markup.
             $box_id = 'bp_xprofile_user_admin_fields_' . sanitize_key(bp_get_the_profile_group_slug());
             $box_title = esc_html(bp_get_the_profile_group_name());
             $callback_args = array('profile_group_id' => absint(bp_get_the_profile_group_id()));
             add_meta_box($box_id, $box_title, array($this, 'user_admin_profile_metaboxes'), $screen_id, 'normal', 'core', $callback_args);
         }
     }
     // Avatar metabox.
     if (buddypress()->avatar->show_avatars) {
         add_meta_box(
             'bp_xprofile_user_admin_avatar',
             _x('Profile Photo', 'xprofile user-admin edit screen', 'buddypress'),
             array($this, 'user_admin_avatar_metabox'),
             $screen_id,
             'side',
             'low'
         );
     }
 }
Ejemplo n.º 18
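 /**
  * On multisite, a user spammed through BuddyPress must no longer be reported
  * as a spammer once update_user_status() clears the flag, which is the path
  * used by the network admin's bulk "not spam" action.
  *
  * @group bp_core_process_spammer_status
  */
 public function test_bp_core_process_spammer_status_ms_bulk_ham()
 {
     // Only meaningful on multisite.
     if (!is_multisite()) {
         return;
     }
     $bp = buddypress();
     // displayed_user is an object, so a plain assignment would only alias
     // it and the "reset" below would restore the already-modified id.
     // Keep a copy instead so later tests see the original state.
     $displayed_user = is_object($bp->displayed_user) ? clone $bp->displayed_user : $bp->displayed_user;
     $u1 = $this->factory->user->create();
     $bp->displayed_user->id = $u1;
     // Spam the user
     bp_core_process_spammer_status($u1, 'spam');
     $this->assertTrue(bp_is_user_spammer($u1));
     // Bulk unspam in network admin uses update_user_status
     update_user_status($u1, 'spam', '0');
     $this->assertFalse(bp_is_user_spammer($u1));
     // Reset displayed user
     $bp->displayed_user = $displayed_user;
 }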
/**
 * Force a logged-in member who has been flagged as a spammer to re-authenticate.
 *
 * Marking an account as spam does not end its existing session, so the
 * member could keep browsing the site until logging out. This handler checks
 * the logged-in user's spam status and, when flagged, redirects to
 * wp-login.php with the 'reauth' parameter, which clears the spammer's
 * cookies and asks for a fresh login.
 *
 * Note: A spammer cannot log back in - {@see bp_core_boot_spammer()}.
 *
 * Runs on 'bp_init' at priority 5: the $bp->loggedin_user object is set up
 * at priority 4, so the members component globals exist before this check.
 *
 * @since 1.8.0
 */
function bp_stop_live_spammer()
{
    // Never redirect from the login screen itself, or the request would loop.
    $on_login_screen = (isset($GLOBALS['pagenow']) && strpos($GLOBALS['pagenow'], 'wp-login.php') !== false)
        || (isset($_SERVER['SCRIPT_NAME']) && strpos($_SERVER['SCRIPT_NAME'], 'wp-login.php') !== false);
    if ($on_login_screen) {
        return;
    }
    // Only a logged-in user who is flagged as a spammer needs to be stopped.
    if (!is_user_logged_in() || !bp_is_user_spammer(bp_loggedin_user_id())) {
        return;
    }
    // Login screen arguments: custom action plus forced re-authentication.
    $query_args = array('action' => 'bp-spam', 'reauth' => 1);
    /**
     * Filters the url used for redirection for a logged in user marked as spam.
     *
     * @since 1.8.0
     *
     * @param string $value URL to redirect user to.
     */
    $redirect_to = apply_filters('bp_live_spammer_redirect', add_query_arg($query_args, wp_login_url()));
    wp_redirect($redirect_to);
    // End the request here so nothing else runs for the flagged session.
    exit;
}
Ejemplo n.º 20
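/**
 * Record a check-in, place or place-comment entry in the activity stream.
 *
 * $args is merged over the defaults with wp_parse_args(). Recognised keys:
 * 'content', 'user_id' (defaults to the logged-in user), 'type' ('checkin',
 * 'new_place', 'place_checkin', 'place_comment' or 'place_checkin_comment'),
 * 'place_id', 'place_name', 'comment_id' and 'recorded_time'.
 *
 * @param array|string $args Activity arguments, see above.
 * @return mixed False when the entry is rejected (empty check-in content,
 *               spammer or deleted author, unrecognised type or missing
 *               place/comment ID), otherwise the value returned by
 *               bp_activity_add().
 */
function bp_checkins_post_update($args = '')
{
    global $bp;
    $defaults = array('content' => false, 'user_id' => $bp->loggedin_user->id, 'type' => 'checkin', 'place_id' => false, 'place_name' => false, 'comment_id' => false, 'recorded_time' => bp_core_current_time());
    $r = wp_parse_args($args, $defaults);
    // Read the known keys explicitly. extract() would turn every
    // caller-supplied key into a local variable, including names that this
    // function only assigns in some branches.
    $content = $r['content'];
    $user_id = $r['user_id'];
    $type = $r['type'];
    $place_id = $r['place_id'];
    $place_name = $r['place_name'];
    $comment_id = $r['comment_id'];
    $recorded_time = $r['recorded_time'];
    // A plain check-in needs non-blank content.
    if ('checkin' === $type && (empty($content) || !strlen(trim($content)))) {
        return false;
    }
    // Spammers and deleted users never reach the activity stream.
    if (bp_is_user_spammer($user_id) || bp_is_user_deleted($user_id)) {
        return false;
    }
    // Record this on the user's profile
    $from_user_link = bp_core_get_userlink($user_id);
    $primary_link = bp_core_get_userlink($user_id, false, true);
    $component = 'checkins';
    $item_id = false;
    $secondary_item_id = false;
    $is_place_type = in_array($type, array('new_place', 'place_checkin', 'place_comment', 'place_checkin_comment'), true);
    $needs_comment = in_array($type, array('place_comment', 'place_checkin_comment'), true);
    if ('checkin' === $type) {
        $activity_action = sprintf(__('%s added a checkin', 'bp-checkins'), $from_user_link);
        $activity_content = $content;
        $checkin_type = 'activity_checkin';
    } elseif ($is_place_type && !empty($place_id) && (!$needs_comment || !empty($comment_id))) {
        // The place name is placed in an attribute and in link text, so it
        // is escaped for each context; the permalink is escaped as a URL.
        $place_permalink = '<a href="' . esc_url(bp_get_checkins_places_the_permalink($place_id)) . '" title="' . esc_attr($place_name) . '">' . esc_html($place_name) . '</a>';
        $item_id = $place_id;
        switch ($type) {
            case 'new_place':
                $component = 'places';
                $activity_action = sprintf(__('%s added a new place %s', 'bp-checkins'), $from_user_link, $place_permalink);
                $checkin_type = 'new_place';
                $activity_content = $content;
                break;
            case 'place_checkin':
                $activity_action = sprintf(__('%s checked-in %s', 'bp-checkins'), $from_user_link, $place_permalink);
                $checkin_type = 'place_checkin';
                $activity_content = false;
                break;
            case 'place_comment':
                $component = 'places';
                $activity_action = sprintf(__('%s added a comment on %s', 'bp-checkins'), $from_user_link, $place_permalink);
                $checkin_type = 'place_comment';
                $activity_content = $content;
                $secondary_item_id = $comment_id;
                break;
            default:
                // 'place_checkin_comment' is stored with the 'place_comment' type.
                $component = 'places';
                $activity_action = sprintf(__('%s checked-in and added a comment on %s', 'bp-checkins'), $from_user_link, $place_permalink);
                $checkin_type = 'place_comment';
                $activity_content = $content;
                $secondary_item_id = $comment_id;
                break;
        }
    } else {
        // Unknown type, or a place/comment ID the type requires is missing:
        // there is nothing well-formed to record.
        return false;
    }
    // Now write the values
    $activity_id = bp_activity_add(array('user_id' => $user_id, 'action' => apply_filters('bp_activity_new_update_action', $activity_action), 'content' => apply_filters('bp_activity_new_update_content', $activity_content), 'primary_link' => apply_filters('bp_activity_new_update_primary_link', $primary_link), 'component' => $component, 'type' => $checkin_type, 'item_id' => $item_id, 'secondary_item_id' => $secondary_item_id, 'recorded_time' => $recorded_time));
    if ('checkin' === $type) {
        // NOTE(review): the latest update is stored on the logged-in user,
        // not on $user_id - confirm this is intended when they differ.
        bp_update_user_meta($bp->loggedin_user->id, 'bp_latest_update', array('id' => $activity_id, 'content' => wp_filter_kses($content)));
    }
    if ('place_comment' === $checkin_type) {
        update_comment_meta($comment_id, 'group_place_activity_id', $activity_id);
    }
    do_action('bp_activity_posted_checkin', $content, $user_id, $activity_id);
    return $activity_id;
}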
Ejemplo n.º 21
 /**
  * Build the canonical URL stack for this component.
  *
  * First picks the default profile component, then, when a member is being
  * displayed, records base URL, component, action and action variables in
  * $bp->canonical_stack. The component is dropped from the stack for the
  * default component's root and for spammer profiles viewed without the
  * 'bp_moderate' capability.
  *
  * @since BuddyPress (2.1.0)
  */
 public function setup_canonical_stack()
 {
     $bp = buddypress();
     /** Default Profile Component *****************************************/
     if (defined('BP_DEFAULT_COMPONENT') && BP_DEFAULT_COMPONENT) {
         $bp->default_component = BP_DEFAULT_COMPONENT;
     } elseif (bp_is_active('activity') && isset($bp->pages->activity)) {
         $bp->default_component = bp_get_activity_slug();
     } elseif ('xprofile' === $bp->profile->id) {
         $bp->default_component = 'profile';
     } else {
         $bp->default_component = $bp->profile->id;
     }
     /** Canonical Component Stack *****************************************/
     // The stack is only built while a member is being displayed.
     if (!bp_displayed_user_id()) {
         return;
     }
     $bp->canonical_stack['base_url'] = bp_displayed_user_domain();
     if (bp_current_component()) {
         $bp->canonical_stack['component'] = bp_current_component();
     }
     if (bp_current_action()) {
         $bp->canonical_stack['action'] = bp_current_action();
     }
     if (!empty($bp->action_variables)) {
         $bp->canonical_stack['action_variables'] = bp_action_variables();
     }
     if (!bp_current_component()) {
         // Single member root/home: assume the default component.
         $bp->current_component = $bp->default_component;
     } elseif (bp_is_current_component($bp->default_component) && !bp_current_action()) {
         // The canonical URL does not contain the default component.
         unset($bp->canonical_stack['component']);
     }
     // On a spammer's profile, only users with the 'bp_moderate' cap may
     // view subpages. For everyone else the component is removed from the
     // canonical stack, so a request for a subnav page ends up redirected
     // to the root of the spammer's profile.
     $viewing_spammer = bp_is_user_spammer(bp_displayed_user_id());
     if ($viewing_spammer && !bp_current_user_can('bp_moderate')) {
         unset($bp->canonical_stack['component']);
     }
 }
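/**
 * Stop a logged-in user who is marked as a spammer.
 *
 * When an admin marks a live user as a spammer, that user can still surf
 * around the site until that session ends. This handler checks whether the
 * logged-in user is marked as a spammer and, if so, redirects to
 * wp-login.php with the 'reauth' parameter, which clears the spammer's
 * cookies and asks for re-authentication.
 *
 * Note: A spammer cannot log back in - {@see bp_core_boot_spammer()}.
 *
 * Runs on 'bp_init' at priority 5 so the members component globals are set
 * up first; the $bp->loggedin_user object is set up at priority 4.
 *
 * @since BuddyPress (v1.8)
 */
function bp_stop_live_spammer()
{
    // If we're on the login page, stop now to prevent a redirect loop.
    // $GLOBALS['pagenow'] is not guaranteed to be set, so guard it and fall
    // back to the script name rather than reading an undefined key.
    $is_login = false;
    if (isset($GLOBALS['pagenow']) && false !== strpos($GLOBALS['pagenow'], 'wp-login.php')) {
        $is_login = true;
    } elseif (isset($_SERVER['SCRIPT_NAME']) && false !== strpos($_SERVER['SCRIPT_NAME'], 'wp-login.php')) {
        $is_login = true;
    }
    if ($is_login) {
        return;
    }
    // User isn't logged in, so stop!
    if (!is_user_logged_in()) {
        return;
    }
    // If spammer, redirect to wp-login.php and reauthorize.
    if (bp_is_user_spammer(bp_loggedin_user_id())) {
        // Login args: custom action plus forced re-authentication.
        $args = array('action' => 'bp-spam', 'reauth' => 1);
        // Login URL, filterable through 'bp_live_spammer_redirect'.
        $login_url = apply_filters('bp_live_spammer_redirect', add_query_arg($args, wp_login_url()));
        // Redirect and end the request so nothing else runs for this session.
        wp_redirect($login_url);
        die;
    }
}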
Ejemplo n.º 23
/**
 * Save the member capabilities form: mark the displayed user as spam or ham.
 *
 * Acts only on a POST that carries 'capabilities-submit' for the settings
 * component's 'capabilities' action. The change requires a super admin who
 * is not viewing their own profile, and the 'capabilities' nonce is checked
 * before any hook fires.
 */
function bp_settings_action_capabilities()
{
    // Bail unless this is a POST with the form's submit field.
    $is_post = 'POST' === strtoupper($_SERVER['REQUEST_METHOD']);
    if (!$is_post || !isset($_POST['capabilities-submit'])) {
        return;
    }
    // Bail if not on the settings "capabilities" screen.
    if (!(bp_is_settings_component() && bp_is_current_action('capabilities'))) {
        return false;
    }
    // 404 when additional action variables are attached.
    if (bp_action_variables()) {
        bp_do_404();
        return;
    }
    // Authorization: only super admins can spam users, and not themselves.
    if (!is_super_admin() || bp_is_my_profile()) {
        return;
    }
    // CSRF protection: verify the 'capabilities' nonce before saving.
    check_admin_referer('capabilities');
    do_action('bp_settings_capabilities_before_save');
    /** Spam **************************************************************/
    // The checkbox value is only posted when it is ticked.
    $wants_spam = !empty($_POST['user-spammer']);
    // Skip the update when the stored status already matches the request.
    if (bp_is_user_spammer(bp_displayed_user_id()) != $wants_spam) {
        $status = $wants_spam ? 'spam' : 'ham';
        bp_core_process_spammer_status(bp_displayed_user_id(), $status);
        do_action('bp_core_action_set_spammer_status', bp_displayed_user_id(), $status);
    }
    /** Other *************************************************************/
    do_action('bp_settings_capabilities_after_save');
    // Back to the displayed member's capabilities screen.
    $destination = bp_displayed_user_domain() . bp_get_settings_slug() . '/capabilities/';
    bp_core_redirect($destination);
}
Ejemplo n.º 24
/**
 * Log out, in effect, a member whose account was marked as spam mid-session.
 *
 * An admin marking a live user as a spammer does not end that user's
 * session, so the user could keep surfing the site until logging out. This
 * handler checks the logged-in user's spam status and, when flagged, sends
 * the user to wp-login.php with the 'reauth' parameter, which clears the
 * spammer's cookies and asks for re-authentication.
 *
 * Note: A spammer cannot log back in - {@see bp_core_boot_spammer()}.
 *
 * Runs on 'bp_init' at priority 5, after the $bp->loggedin_user object is
 * set up at priority 4, so the members component globals are available.
 *
 * @since BuddyPress (1.8.0)
 */
function bp_stop_live_spammer() {
	// Skip the login page itself, otherwise the redirect below would loop.
	$pagenow_is_login = isset( $GLOBALS['pagenow'] ) && ( false !== strpos( $GLOBALS['pagenow'], 'wp-login.php' ) );
	$script_is_login  = ! $pagenow_is_login && isset( $_SERVER['SCRIPT_NAME'] ) && false !== strpos( $_SERVER['SCRIPT_NAME'], 'wp-login.php' );

	if ( $pagenow_is_login || $script_is_login ) {
		return;
	}

	// Anonymous visitors and members who are not flagged need no action.
	if ( ! is_user_logged_in() || ! bp_is_user_spammer( bp_loggedin_user_id() ) ) {
		return;
	}

	$login_args = array();

	// Custom action used to throw an error message.
	$login_args['action'] = 'bp-spam';

	// Reauthorize user to login.
	$login_args['reauth'] = 1;

	/**
	 * Filters the url used for redirection for a logged in user marked as spam.
	 *
	 * @since BuddyPress (1.8.0)
	 *
	 * @param string $value URL to redirect user to.
	 */
	$redirect_url = apply_filters( 'bp_live_spammer_redirect', add_query_arg( $login_args, wp_login_url() ) );

	// Redirect to the login page and end the request for this session.
	wp_redirect( $redirect_url );
	exit();
}