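/**
 * Create a new post, or update an existing one when a valid post ID is given.
 *
 * Values missing from the arguments are filled from the existing post only
 * when that post was actually found, so a failed lookup is never dereferenced.
 *
 * @param array $args {
 *     @type int    $post_id       Optional. ID of an existing post, if you want to
 *                                 update rather than create. Default: false.
 *     @type int    $topic_id      ID of the topic to which the post belongs.
 *     @type string $post_text     Contents of the post.
 *     @type string $post_time     Optional. Time when the post was recorded.
 *                                 Default: current time, as reported by {@link bp_core_current_time()}.
 *     @type int    $poster_id     Optional. ID of the user creating the post.
 *                                 Default: ID of the logged-in user.
 *     @type string $poster_ip     Optional. IP address of the user creating the
 *                                 post. Default: the IP address found in $_SERVER['REMOTE_ADDR'].
 *     @type int    $post_status   Post status. Default: 0.
 *     @type int    $post_position Optional. Default: false (auto).
 * }
 * @return int|bool ID of the new post on success, false on failure.
 */
function bp_forums_insert_post($args = '')
{
    /** This action is documented in bp-forums/bp-forums-screens */
    do_action('bbpress_init');

    $defaults = array(
        'post_id'       => false,
        'topic_id'      => false,
        'post_text'     => '',
        'post_time'     => bp_core_current_time(),
        'poster_id'     => bp_loggedin_user_id(),
        // REMOTE_ADDR is absent outside a web request (cron, CLI); read it without a notice.
        'poster_ip'     => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null,
        'post_status'   => 0,
        'post_position' => false,
    );

    $r = wp_parse_args($args, $defaults);

    // Read the known keys explicitly instead of extract(): unexpected keys in
    // $args can no longer become local variables of this function.
    $post_id       = $r['post_id'];
    $topic_id      = $r['topic_id'];
    $post_text     = $r['post_text'];
    $post_time     = $r['post_time'];
    $poster_id     = $r['poster_id'];
    $poster_ip     = $r['poster_ip'];
    $post_status   = $r['post_status'];
    $post_position = $r['post_position'];

    $post = bp_forums_get_post($post_id);
    if (!$post) {
        // Unknown post: fall through to creation rather than update.
        $post_id = false;
    }

    // Fallbacks to the stored post. Each one yields null when no post was
    // found, which is the value the unguarded property read produced before.
    if (!isset($topic_id)) {
        $topic_id = $post ? $post->topic_id : null;
    }

    if (empty($post_text)) {
        $post_text = $post ? $post->post_text : null;
    }

    if (!isset($post_time)) {
        $post_time = $post ? $post->post_time : null;
    }

    if (!isset($post_position)) {
        $post_position = $post ? $post->post_position : null;
    }

    // NOTE(review): poster_id and poster_ip are taken from $args when supplied,
    // so attribution is only as trustworthy as the caller. Callers should not
    // forward request-controlled values for either - confirm at call sites.
    if (empty($poster_id)) {
        return false;
    }

    // NOTE(review): the inactivity check is made against the logged-in user,
    // not against $poster_id - confirm that this is the intended subject.
    if (bp_is_user_inactive(bp_loggedin_user_id())) {
        return false;
    }

    $post_id = bb_insert_post(array(
        'post_id'       => $post_id,
        'topic_id'      => $topic_id,
        'post_text'     => stripslashes(trim($post_text)),
        'post_time'     => $post_time,
        'poster_id'     => $poster_id,
        'poster_ip'     => $poster_ip,
        'post_status'   => $post_status,
        'post_position' => $post_position,
    ));

    if (!empty($post_id)) {
        /**
         * Fires if there was a new post created.
         *
         * @since BuddyPress (1.0.0)
         *
         * @param int $post_id ID of the newly created forum post.
         */
        do_action('bp_forums_new_post', $post_id);
    }

    return $post_id;
}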
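/**
 * Processes pingback requests
 *
 * The source URL is supplied by an unauthenticated remote caller and is
 * fetched by this server, so it is restricted to http/https before the fetch.
 * The remote page's title and an excerpt around the link are stored with the
 * new post.
 *
 * @since 1.0
 * @link http://www.hixie.ch/specs/pingback/pingback
 * @return string|object A message of success or an IXR_Error object on failure
 * @param array $args Arguments passed by the XML-RPC call
 * @param string $args[0] The full URI of the post where the pingback is being sent from
 * @param string $args[1] The full URI of the post where the pingback is being sent to
 *
 * XML-RPC request to register a pingback
 * <methodCall>
 *     <methodName>pingback.ping</methodName>
 *     <params>
 *         <param><value><string>http://example.org/2008/09/post-containing-a-link/</string></value></param>
 *         <param><value><string>http://example.com/2008/08/post-being-linked-to/</string></value></param>
 *     </params>
 * </methodCall>
 */
function pingback_ping($args)
{
    do_action('bb_xmlrpc_call', 'pingback.ping');

    $this->escape($args);

    // No particular need to sanitise
    // Missing parameters become empty strings and are rejected by the domain check below.
    $link_from = isset($args[0]) ? (string) $args[0] : '';
    $link_to = isset($args[1]) ? (string) $args[1] : '';

    // Tidy up ampersands in the URLs
    // NOTE(review): the listing showed these replacements as '&' => '&', which
    // is a no-op and looks like HTML-entity decoding damage. They are restored
    // here as decode-then-encode - confirm against the project's upstream file.
    $link_from = str_replace('&amp;', '&', $link_from);
    $link_to = str_replace('&amp;', '&', $link_to);
    $link_to = str_replace('&', '&amp;', $link_to);

    // Check if the topic linked to is in our site - a little more strict than NXTClass, doesn't pull out the www if added
    if (!bb_match_domains($link_to, bb_get_uri())) {
        // These are not the droids you are looking for
        $this->error = new IXR_Error(0, __('This is not the site you are trying to pingback.'));
        return $this->error;
    }

    // Get the topic
    $topic_to = bb_get_topic_from_uri($link_to);
    if (!$topic_to) {
        $this->error = new IXR_Error(33, __('The specified target URL cannot be used as a target. It either doesn\'t exist, or it is not a pingback-enabled resource.'));
        return $this->error;
    }

    // Topics shouldn't ping themselves
    $topic_from = bb_get_topic_from_uri($link_from);
    if ($topic_from && $topic_from->topic_id === $topic_to->topic_id) {
        $this->error = new IXR_Error(0, __('The source URL and the target URL cannot both point to the same resource.'));
        return $this->error;
    }

    // Let's check that the remote site didn't already pingback this entry
    $query = new BB_Query('post', array('topic_id' => $topic_to->topic_id, 'append_meta' => true), 'get_thread');
    $posts_to = $query->results;
    unset($query);

    // Make sure we have some posts in the topic, this error should never happen really
    if (!$posts_to || !is_array($posts_to) || !count($posts_to)) {
        $this->error = new IXR_Error(0, __('The specified target topic does not contain any posts.'));
        return $this->error;
    }

    // Check if we already have a pingback from this URL
    foreach ($posts_to as $post) {
        if (isset($post->pingback_uri) && trim($post->pingback_uri) === trim($link_from)) {
            $this->error = new IXR_Error(48, __('The pingback has already been registered.'));
            return $this->error;
        }
    }
    unset($posts_to, $post);

    // The source URL is fetched server-side, so accept web URLs only. Other
    // schemes are reported with the same fault as an unreachable source.
    // NOTE(review): whether nxt_remote_fopen() refuses loopback/internal hosts
    // and limits redirects and response size is not visible here - confirm it.
    $source_scheme = strtolower((string) parse_url($link_from, PHP_URL_SCHEME));
    if ($source_scheme !== 'http' && $source_scheme !== 'https') {
        $this->error = new IXR_Error(16, __('The source URL does not exist.'));
        return $this->error;
    }

    // Give time for the server sending the pingback to finish publishing it's post
    // NOTE(review): every accepted request holds a worker for this second plus
    // the remote fetch; rate limiting, if any, must happen outside this method.
    sleep(1);

    // Let's check the remote site for valid URL and content
    $link_from_source = nxt_remote_fopen($link_from);
    if (!$link_from_source) {
        $this->error = new IXR_Error(16, __('The source URL does not exist.'));
        return $this->error;
    }

    // Allow plugins to filter here
    $link_from_source = apply_filters('bb_pre_remote_source', $link_from_source, $link_to);

    // Work around bug in strip_tags()
    $link_from_source = str_replace('<!DOC', '<DOC', $link_from_source);

    // Normalize spaces
    $link_from_source = preg_replace('/[\\s\\r\\n\\t]+/', ' ', $link_from_source);

    // Turn certain elements to double line returns
    $link_from_source = preg_replace("/ <(h1|h2|h3|h4|h5|h6|p|th|td|li|dt|dd|pre|caption|input|textarea|button|body)[^>]*>/", "\n\n", $link_from_source);

    // Find the title of the page
    // A page without a <title> leaves no capture group; treat that as an empty
    // title instead of reading an undefined offset.
    preg_match('|<title>([^<]*?)</title>|is', $link_from_source, $title_match);
    $link_from_title = isset($title_match[1]) ? $title_match[1] : '';
    if (empty($link_from_title)) {
        $this->error = new IXR_Error(32, __('We cannot find a title on that page.'));
        return $this->error;
    }

    // Strip out all tags except anchors
    $link_from_source = strip_tags($link_from_source, '<a>'); // just keep the tag we need

    // Split the source into paragraphs
    $link_from_paragraphs = explode("\n\n", $link_from_source);

    // Prepare the link to search for in preg_match() once here
    $preg_target = preg_quote($link_to);

    $context = array();
    $excerpt = '';

    // Loop through the paragraphs looking for the context for the url
    foreach ($link_from_paragraphs as $link_from_paragraph) {
        // The url must exist in this paragraph
        if (strpos($link_from_paragraph, $link_to) === false) {
            continue;
        }

        // But is it in an anchor tag
        preg_match("|<a[^>]+?" . $preg_target . "[^>]*>([^>]+?)</a>|", $link_from_paragraph, $context);

        // If the URL isn't in an anchor tag, keep looking
        if (empty($context)) {
            continue;
        }

        // We're going to use this fake tag to mark the context in a bit
        // the marker is needed in case the link text appears more than once in the paragraph
        $excerpt = preg_replace('|\\</?nxtcontext\\>|', '', $link_from_paragraph);

        // Prevent really long link text
        if (strlen($context[1]) > 100) {
            $context[1] = substr($context[1], 0, 100) . '...';
        }

        // Set up the marker around the context
        $marker = '<nxtcontext>' . $context[1] . '</nxtcontext>';

        // Swap out the link for our marker
        $excerpt = str_replace($context[0], $marker, $excerpt);

        // Strip all tags except for our context marker
        $excerpt = trim(strip_tags($excerpt, '<nxtcontext>'));

        // Make the marker safe for use in regexp
        $preg_marker = preg_quote($marker);

        // Reduce the excerpt to only include 100 characters on either side of the link
        // The trailing quantifier needs its own '.', otherwise it repeats the
        // marker's last character and the right-hand side is never bounded.
        $excerpt = preg_replace("|.*?\\s(.{0,100}" . $preg_marker . ".{0,100})\\s.*|s", '$1', $excerpt);

        // Strip tags again, to remove the marker wrapper
        $excerpt = strip_tags($excerpt);
        break;
    }

    // Make sure the link to the target was found in the excerpt
    if (empty($context)) {
        $this->error = new IXR_Error(17, __('The source URL does not contain a link to the target URL, and so cannot be used as a source.'));
        return $this->error;
    }

    // Add whacky prefix and suffix to the excerpt and sanitize
    $excerpt = '[...] ' . esc_html($excerpt) . ' [...]';
    $this->escape($excerpt);

    // Build an array of post data to insert then insert a new post
    $postdata = array('topic_id' => $topic_to->topic_id, 'post_text' => $excerpt, 'poster_id' => 0);
    if (!($post_ID = bb_insert_post($postdata))) {
        $this->error = new IXR_Error(0, __('The pingback could not be added.'));
        return $this->error;
    }

    // Add meta to let us know where the pingback came from
    $link_from = str_replace('&', '&amp;', $link_from);
    $this->escape($link_from);
    bb_update_postmeta($post_ID, 'pingback_uri', $link_from);

    // Add the title to meta
    // NOTE(review): the title is remote-controlled text stored without HTML
    // escaping or a length cap; templates that print it must escape it.
    $this->escape($link_from_title);
    bb_update_postmeta($post_ID, 'pingback_title', $link_from_title);

    // Action for plugins and what not
    do_action('bb_pingback_post', $post_ID);

    // Return success message, complete with emoticon
    return sprintf(__('Pingback from %1$s to %2$s registered. Keep the web talking! :-)'), $link_from, $link_to);
}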
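/**
 * Create a forum post, or update the post identified by 'post_id'.
 *
 * Recognised keys in $args: post_id, topic_id, post_text, post_time,
 * poster_id, poster_ip, post_status, post_position. Missing keys take the
 * defaults built below. Fallbacks to the stored post are applied only when
 * that post was found.
 *
 * @param array|string $args Post fields, in any form wp_parse_args() accepts.
 * @return int|bool Value returned by bb_insert_post(), or false when there is
 *                  no poster or the logged-in user is inactive.
 */
function bp_forums_insert_post($args = '')
{
    do_action('bbpress_init');

    // REMOTE_ADDR does not exist outside a web request; avoid the notice.
    $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;

    $r = wp_parse_args($args, array(
        'post_id'       => false,
        'topic_id'      => false,
        'post_text'     => '',
        'post_time'     => bp_core_current_time(),
        'poster_id'     => bp_loggedin_user_id(),
        'poster_ip'     => $remote_addr,
        'post_status'   => 0,
        'post_position' => false,
    ));

    // Work on the parsed array directly rather than extract()-ing it, so that
    // stray keys in $args never turn into local variables.
    $post = bp_forums_get_post($r['post_id']);
    if (!$post) {
        $r['post_id'] = false;
    }

    // isset() is false only for an explicit null, so these three fallbacks
    // apply when the caller passed null for the field.
    foreach (array('topic_id', 'post_time', 'post_position') as $field) {
        if (!isset($r[$field])) {
            $r[$field] = $post ? $post->{$field} : null;
        }
    }

    // Empty text falls back to the stored text, or to null when no post was
    // found - the value the unguarded property read used to produce.
    if (empty($r['post_text'])) {
        $r['post_text'] = $post ? $post->post_text : null;
    }

    // NOTE(review): poster_id and poster_ip come from $args when given; the
    // caller is responsible for not passing request-controlled values.
    if (empty($r['poster_id'])) {
        return false;
    }

    // NOTE(review): checks the logged-in user, not poster_id - confirm intent.
    if (bp_is_user_inactive(bp_loggedin_user_id())) {
        return false;
    }

    $post_id = bb_insert_post(array(
        'post_id'       => $r['post_id'],
        'topic_id'      => $r['topic_id'],
        'post_text'     => stripslashes(trim($r['post_text'])),
        'post_time'     => $r['post_time'],
        'poster_id'     => $r['poster_id'],
        'poster_ip'     => $r['poster_ip'],
        'post_status'   => $r['post_status'],
        'post_position' => $r['post_position'],
    ));

    if (!empty($post_id)) {
        do_action('bp_forums_new_post', $post_id);
    }

    return $post_id;
}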
}
// Excerpt of a post-edit request handler; it begins inside a block opened
// before this excerpt. The optional URL field is passed through esc_url().
if (!empty($_POST['url'])) {
    $post_url = esc_url(trim($_POST['url']));
}
}
// Loop through possible anonymous post data
// Variable-variables: copies $post_author, $post_email and $post_url into
// $post_data when they are non-empty. Only $post_url is assigned in this
// excerpt; the other two are presumably set just above - confirm they are
// sanitised there as well.
foreach (array('post_author', 'post_email', 'post_url') as $field) {
    if (!empty(${$field})) {
        $post_data[$field] = ${$field};
    }
}
// Setup topic data
// The title is changed only for the first post of a topic and only when the
// current user has the 'edit_topic' capability on that topic.
if (bb_is_first($bb_post->post_id) && bb_current_user_can('edit_topic', $bb_post->topic_id)) {
    // stripslashes() assumes the request values arrive slashed - TODO confirm
    $post_data['topic_title'] = stripslashes($_POST['topic']);
    $post_data['topic_id'] = $bb_post->topic_id;
    bb_insert_topic($post_data);
}
// Setup post data
// NOTE(review): no capability or nonce check for the post update itself is
// visible in this excerpt; it is presumably done earlier in the file - confirm.
// The return value of bb_insert_post() is not inspected.
$post_data['post_text'] = stripslashes($_POST['post_content']);
$post_data['post_id'] = $post_id;
bb_insert_post($post_data);
if ($post_id) {
    // NOTE(review): $_REQUEST['view'] is read without an isset() guard.
    if ($_REQUEST['view'] === 'all') {
        add_filter('get_post_link', 'bb_make_link_view_all');
    }
    // Redirect target is built from the post ID, not from request input.
    $post_link = get_post_link($post_id);
    nxt_redirect($post_link);
} else {
    nxt_redirect(bb_get_uri(null, null, BB_URI_CONTEXT_HEADER));
}
// Stop here so nothing runs after the redirect header.
exit;
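/**
 * Finalises the installation by creating the database and writing all the supplied data to the database.
 *
 * Runs after the installer referer/nonce check and then, in order: optional
 * custom user table setup, database table creation, WordPress integration
 * settings, site settings, key master creation or assignment, first
 * forum/topic/post, plugin and theme directories, and the key master email.
 * Progress and errors are collected and stored in the step 4 form data.
 *
 * @return string 'complete' when the run reached the end (possibly with
 *                logged errors), 'incomplete' when it was halted.
 **/
function process_form_finalise_installation()
{
    require_once BB_PATH . 'bb-admin/includes/functions.bb-upgrade.php';
    require_once BB_PATH . 'bb-admin/includes/functions.bb-admin.php';

    $this->inject_form_values_into_data(2);
    $this->inject_form_values_into_data(3);

    $data2 =& $this->data[2]['form'];
    $data3 =& $this->data[3]['form'];
    $data4 =& $this->data[4]['form'];

    $error_log = array();
    $installation_log = array();

    // Check the referer
    bb_check_admin_referer('bbpress-installer');
    $installation_log[] = __('Referrer is OK, beginning installation…');

    global $bbdb;

    // Setup user table variables and constants if available
    if ($data2['toggle_2_2']['value']) {
        $installation_log[] = '>>> ' . __('Setting up custom user table constants');

        global $bb;
        global $bb_table_prefix;

        if (!empty($data2['wp_table_prefix']['value'])) {
            $bb->wp_table_prefix = $data2['wp_table_prefix']['value'];
        }
        if (!empty($data2['user_bbdb_name']['value'])) {
            $bb->user_bbdb_name = $data2['user_bbdb_name']['value'];
        }
        if (!empty($data2['user_bbdb_user']['value'])) {
            $bb->user_bbdb_user = $data2['user_bbdb_user']['value'];
        }
        if (!empty($data2['user_bbdb_password']['value'])) {
            $bb->user_bbdb_password = $data2['user_bbdb_password']['value'];
        }
        if (!empty($data2['user_bbdb_host']['value'])) {
            $bb->user_bbdb_host = $data2['user_bbdb_host']['value'];
        }
        // Charset and collation are reduced to a safe identifier alphabet here.
        if (!empty($data2['user_bbdb_charset']['value'])) {
            $bb->user_bbdb_charset = preg_replace('/[^a-z0-9_-]/i', '', $data2['user_bbdb_charset']['value']);
        }
        if (!empty($data2['user_bbdb_collate']['value'])) {
            $bb->user_bbdb_collate = preg_replace('/[^a-z0-9_-]/i', '', $data2['user_bbdb_collate']['value']);
        }

        bb_set_custom_user_tables();

        // Add custom user database if required
        if (isset($bb->custom_databases['user'])) {
            $bbdb->add_db_server('user', $bb->custom_databases['user']);
        }

        // Add custom tables if required
        if (isset($bb->custom_tables)) {
            $bbdb->tables = array_merge($bbdb->tables, $bb->custom_tables);
            if (is_wp_error($bbdb->set_prefix($bb_table_prefix))) {
                die(__('Your user table prefix may only contain letters, numbers and underscores.'));
            }
        }
    }

    // Create the database
    $installation_log[] = "\n" . __('Step 1 - Creating database tables');

    if (!$this->database_tables_are_installed()) {
        // Hide db errors
        $bbdb->hide_errors();
        // Install the database
        $alterations = bb_install();
        // Show db errors
        $bbdb->show_errors();

        if (isset($alterations['errors']) && is_array($alterations['errors'])) {
            $error_log = array_merge($error_log, $alterations['errors']);
        }
        if (isset($alterations['messages']) && is_array($alterations['messages'])) {
            $installation_log = array_merge($installation_log, $alterations['messages']);
        }

        if (!$this->database_tables_are_installed()) {
            $installation_log[] = '>>> ' . __('Database installation failed!!!');
            $installation_log[] = '>>>>>> ' . __('Halting installation!');
            $error_log[] = __('Database installation failed!!!');
            $this->step_status[4] = 'incomplete';
            $this->strings[4]['h2'] = __('Installation failed!');
            $this->strings[4]['messages']['error'][] = __('The database failed to install. You may need to replace bbPress with a fresh copy and start again.');
            $data4['installation_log']['value'] = join("\n", $installation_log);
            $data4['error_log']['value'] = join("\n", $error_log);
            return 'incomplete';
        }
    } else {
        $installation_log[] = '>>> ' . __('Database is already installed!!!');
    }

    // Integration settings passed from step 2
    // These are already validated provided that the referer checks out
    $installation_log[] = "\n" . __('Step 2 - WordPress integration (optional)');

    if ($data2['toggle_2_0']['value']) {
        if ($data2['toggle_2_1']['value']) {
            bb_update_option('wp_siteurl', $data2['wp_siteurl']['value']);
            $installation_log[] = '>>> ' . __('WordPress address (URL):') . ' ' . $data2['wp_siteurl']['value'];

            bb_update_option('wp_home', $data2['wp_home']['value']);
            $installation_log[] = '>>> ' . __('Blog address (URL):') . ' ' . $data2['wp_home']['value'];

            // NOTE(review): the key values are placed inside single-quoted PHP
            // literals in bb-config.php. A quote or backslash in a value would
            // end the literal early, so the earlier form validation must
            // reject or escape those characters - it is not visible here; confirm.
            $config_result = $this->write_lines_to_file(
                BB_PATH . 'bb-config.php',
                false,
                array(
                    "define( 'BB_AUTH_KEY" => array("'" . BB_AUTH_KEY . "'", "'" . $data2['wp_auth_key']['value'] . "'"),
                    "define( 'BB_SECURE_A" => array("'" . BB_SECURE_AUTH_KEY . "'", "'" . $data2['wp_secure_auth_key']['value'] . "'"),
                    "define( 'BB_LOGGED_I" => array("'" . BB_LOGGED_IN_KEY . "'", "'" . $data2['wp_logged_in_key']['value'] . "'"),
                )
            );

            switch ($config_result) {
                case 1:
                    $installation_log[] = '>>> ' . __('WordPress cookie keys set.');
                    break;
                default:
                    $error_log[] = '>>> ' . __('WordPress cookie keys not set.');
                    $error_log[] = '>>>>>> ' . __('Your "bb-config.php" file was not writable.');
                    $error_log[] = '>>>>>> ' . __('You will need to manually re-define "BB_AUTH_KEY", "BB_SECURE_AUTH_KEY" and "BB_LOGGED_IN_KEY" in your "bb-config.php" file.');
                    $installation_log[] = '>>> ' . __('WordPress cookie keys not set.');
                    break;
            }

            // Salts are stored but deliberately never echoed into the log.
            if (!empty($data2['wp_auth_salt']['value'])) {
                bb_update_option('bb_auth_salt', $data2['wp_auth_salt']['value']);
                $installation_log[] = '>>> ' . __('WordPress "auth" cookie salt set from input.');
            }
            if (!empty($data2['wp_secure_auth_salt']['value'])) {
                bb_update_option('bb_secure_auth_salt', $data2['wp_secure_auth_salt']['value']);
                $installation_log[] = '>>> ' . __('WordPress "secure auth" cookie salt set from input.');
            }
            if (!empty($data2['wp_logged_in_salt']['value'])) {
                bb_update_option('bb_logged_in_salt', $data2['wp_logged_in_salt']['value']);
                $installation_log[] = '>>> ' . __('WordPress "logged in" cookie salt set from input.');
            }
        }

        if ($data2['toggle_2_2']['value']) {
            if (!bb_get_option('bb_auth_salt') || !bb_get_option('bb_secure_auth_salt') || !bb_get_option('bb_logged_in_salt')) {
                $installation_log[] = '>>> ' . __('Fetching missing WordPress cookie salts.');

                // Point the options table at the WordPress install so the
                // salts can be read from there.
                $_prefix = $bb->wp_table_prefix;
                if (!empty($data2['wordpress_mu_primary_blog_id']['value'])) {
                    $_prefix .= $data2['wordpress_mu_primary_blog_id']['value'] . '_';
                }
                if (isset($bb->custom_databases['user'])) {
                    $bbdb->tables['options'] = array('user', $_prefix . 'options');
                } else {
                    $bbdb->tables['options'] = $_prefix . 'options';
                }
                unset($_prefix);
                $bbdb->set_prefix($bb_table_prefix);

                if (!bb_get_option('bb_auth_salt')) {
                    $wp_auth_salt = $bbdb->get_var("SELECT `option_value` FROM {$bbdb->options} WHERE `option_name` = 'auth_salt' LIMIT 1");
                    if ($wp_auth_salt) {
                        bb_update_option('bb_auth_salt', $wp_auth_salt);
                        $installation_log[] = '>>>>>> ' . __('WordPress "auth" cookie salt set.');
                    } else {
                        $error_log[] = '>>> ' . __('WordPress "auth" cookie salt not set.');
                        $error_log[] = '>>>>>> ' . __('Could not fetch "auth" cookie salt from the WordPress options table.');
                        $error_log[] = '>>>>>> ' . __('You will need to manually define the "auth" cookie salt in your database.');
                        $installation_log[] = '>>>>>> ' . __('WordPress "auth" cookie salt not set.');
                    }
                }

                if (!bb_get_option('bb_secure_auth_salt')) {
                    $wp_secure_auth_salt = $bbdb->get_var("SELECT `option_value` FROM {$bbdb->options} WHERE `option_name` = 'secure_auth_salt' LIMIT 1");
                    if ($wp_secure_auth_salt) {
                        bb_update_option('bb_secure_auth_salt', $wp_secure_auth_salt);
                        $installation_log[] = '>>>>>> ' . __('WordPress "secure auth" cookie salt set.');
                    } else {
                        // This cookie salt is sometimes empty so don't error
                        $installation_log[] = '>>>>>> ' . __('WordPress "secure auth" cookie salt not set.');
                    }
                }

                if (!bb_get_option('bb_logged_in_salt')) {
                    $wp_logged_in_salt = $bbdb->get_var("SELECT `option_value` FROM {$bbdb->options} WHERE `option_name` = 'logged_in_salt' LIMIT 1");
                    if ($wp_logged_in_salt) {
                        bb_update_option('bb_logged_in_salt', $wp_logged_in_salt);
                        $installation_log[] = '>>>>>> ' . __('WordPress "logged in" cookie salt set.');
                    } else {
                        $error_log[] = '>>> ' . __('WordPress "logged in" cookie salt not set.');
                        $error_log[] = '>>>>>> ' . __('Could not fetch "logged in" cookie salt from the WordPress options table.');
                        $error_log[] = '>>>>>> ' . __('You will need to manually define the "logged in" cookie salt in your database.');
                        $installation_log[] = '>>>>>> ' . __('WordPress "logged in" cookie salt not set.');
                    }
                }
            }

            if (!empty($data2['wp_table_prefix']['value'])) {
                bb_update_option('wp_table_prefix', $data2['wp_table_prefix']['value']);
                $installation_log[] = '>>> ' . __('User database table prefix:') . ' ' . $data2['wp_table_prefix']['value'];
            }

            if (!empty($data2['wordpress_mu_primary_blog_id']['value'])) {
                bb_update_option('wordpress_mu_primary_blog_id', $data2['wordpress_mu_primary_blog_id']['value']);
                $installation_log[] = '>>> ' . __('WordPress MU primary blog ID:') . ' ' . $data2['wordpress_mu_primary_blog_id']['value'];
            }

            if ($data2['toggle_2_3']['value']) {
                if (!empty($data2['user_bbdb_name']['value'])) {
                    bb_update_option('user_bbdb_name', $data2['user_bbdb_name']['value']);
                    $installation_log[] = '>>> ' . __('User database name:') . ' ' . $data2['user_bbdb_name']['value'];
                }
                if (!empty($data2['user_bbdb_user']['value'])) {
                    bb_update_option('user_bbdb_user', $data2['user_bbdb_user']['value']);
                    $installation_log[] = '>>> ' . __('User database user:') . ' ' . $data2['user_bbdb_user']['value'];
                }
                if (!empty($data2['user_bbdb_password']['value'])) {
                    bb_update_option('user_bbdb_password', $data2['user_bbdb_password']['value']);
                    // Record that a password was stored, never the password
                    // itself: the installation log is shown on screen and is
                    // easily pasted into support requests.
                    $installation_log[] = '>>> ' . __('User database password:') . ' ' . '********';
                }
                if (!empty($data2['user_bbdb_host']['value'])) {
                    bb_update_option('user_bbdb_host', $data2['user_bbdb_host']['value']);
                    $installation_log[] = '>>> ' . __('User database host:') . ' ' . $data2['user_bbdb_host']['value'];
                }
                if (!empty($data2['user_bbdb_charset']['value'])) {
                    bb_update_option('user_bbdb_charset', $data2['user_bbdb_charset']['value']);
                    $installation_log[] = '>>> ' . __('User database character set:') . ' ' . $data2['user_bbdb_charset']['value'];
                }
                if (!empty($data2['user_bbdb_collate']['value'])) {
                    bb_update_option('user_bbdb_collate', $data2['user_bbdb_collate']['value']);
                    $installation_log[] = '>>> ' . __('User database collation:') . ' ' . $data2['user_bbdb_collate']['value'];
                }
                if (!empty($data2['custom_user_table']['value'])) {
                    bb_update_option('custom_user_table', $data2['custom_user_table']['value']);
                    $installation_log[] = '>>> ' . __('User database "user" table:') . ' ' . $data2['custom_user_table']['value'];
                }
                if (!empty($data2['custom_user_meta_table']['value'])) {
                    bb_update_option('custom_user_meta_table', $data2['custom_user_meta_table']['value']);
                    $installation_log[] = '>>> ' . __('User database "user meta" table:') . ' ' . $data2['custom_user_meta_table']['value'];
                }
            }
        }
    } else {
        $installation_log[] = '>>> ' . __('Integration not enabled');
    }

    // Site settings passed from step 3
    // These are already validated provided that the referer checks out
    $installation_log[] = "\n" . __('Step 3 - Site settings');

    bb_update_option('name', $data3['name']['value']);
    $installation_log[] = '>>> ' . __('Site name:') . ' ' . $data3['name']['value'];

    bb_update_option('uri', $data3['uri']['value']);
    $installation_log[] = '>>> ' . __('Site address (URL):') . ' ' . $data3['uri']['value'];

    bb_update_option('from_email', $data3['keymaster_user_email']['value']);
    $installation_log[] = '>>> ' . __('From email address:') . ' ' . $data3['keymaster_user_email']['value'];

    // Create the key master
    $keymaster_created = false;

    switch ($data3['keymaster_user_type']['value']) {
        case 'new':
            // Check to see if the user login already exists
            if ($keymaster_user = bb_get_user($data3['keymaster_user_login']['value'], array('by' => 'login'))) {
                // The keymaster is an existing bbPress user
                $installation_log[] = '>>> ' . __('Key master could not be created!');
                $installation_log[] = '>>>>>> ' . __('That login is already taken!');
                $error_log[] = __('Key master could not be created!');

                // A user without any 'keymaster' entry counts as a non-key master.
                if (!empty($keymaster_user->bb_capabilities['keymaster'])) {
                    // The existing user is a key master - continue
                    $bb_current_user = bb_set_current_user($keymaster_user->ID);
                    $installation_log[] = '>>>>>> ' . __('Existing key master entered!');
                    $data4['keymaster_user_password']['value'] = __('Your bbPress password');
                    $data3['keymaster_user_email']['value'] = $keymaster_user->user_email;
                    bb_update_option('from_email', $keymaster_user->user_email);
                    $installation_log[] = '>>>>>> ' . __('Re-setting admin email address.');
                    $keymaster_created = true;
                } else {
                    // The existing user is a non-key master user - halt installation
                    $installation_log[] = '>>>>>> ' . __('Existing user without key master role entered!');
                    $installation_log[] = '>>>>>>>>> ' . __('Halting installation!');
                    $this->step_status[4] = 'incomplete';
                    $this->strings[4]['h2'] = __('Installation failed!');
                    $this->strings[4]['messages']['error'][] = __('The key master could not be created. An existing user was found with that user login.');
                    $data4['installation_log']['value'] = join("\n", $installation_log);
                    $data4['error_log']['value'] = join("\n", $error_log);
                    return 'incomplete';
                }
                break;
            }

            // Helper function to let us know the password that was created
            // Declared at most once, so running this method a second time in
            // the same request cannot hit a function redeclaration error.
            global $keymaster_password;
            if (!function_exists('bb_get_keymaster_password')) {
                function bb_get_keymaster_password($user_id, $pass)
                {
                    global $keymaster_password;
                    $keymaster_password = $pass;
                }
            }
            add_action('bb_new_user', 'bb_get_keymaster_password', 10, 2);

            // Create the new user (automattically given key master role when BB_INSTALLING is true)
            if ($keymaster_user_id = bb_new_user($data3['keymaster_user_login']['value'], $data3['keymaster_user_email']['value'], '')) {
                $bb_current_user = bb_set_current_user($keymaster_user_id);
                $data4['keymaster_user_password']['value'] = $keymaster_password;
                $installation_log[] = '>>> ' . __('Key master created');
                $installation_log[] = '>>>>>> ' . __('Username:') . ' ' . $data3['keymaster_user_login']['value'];
                $installation_log[] = '>>>>>> ' . __('Email address:') . ' ' . $data3['keymaster_user_email']['value'];
                // NOTE(review): the generated key master password is written
                // to the installation log in clear text. Kept as it was, since
                // the log may be where the installer reads it - confirm
                // whether the step 4 form field alone is enough.
                $installation_log[] = '>>>>>> ' . __('Password:') . ' ' . $data4['keymaster_user_password']['value'];
                $keymaster_created = true;
            } else {
                $installation_log[] = '>>> ' . __('Key master could not be created!');
                $installation_log[] = '>>>>>> ' . __('Halting installation!');
                $error_log[] = __('Key master could not be created!');
                $this->step_status[4] = 'incomplete';
                $this->strings[4]['h2'] = __('Installation failed!');
                $this->strings[4]['messages']['error'][] = __('The key master could not be created. You may need to replace bbPress with a fresh copy and start again.');
                $data4['installation_log']['value'] = join("\n", $installation_log);
                $data4['error_log']['value'] = join("\n", $error_log);
                return 'incomplete';
            }
            break;

        case 'old':
            if ($keymaster_user = bb_get_user($data3['keymaster_user_login']['value'], array('by' => 'login'))) {
                // The keymaster is an existing bbPress or WordPress user
                $bb_current_user = bb_set_current_user($keymaster_user->ID);
                $bb_current_user->set_role('keymaster');
                // A placeholder text, not a real password, is stored and logged here.
                $data4['keymaster_user_password']['value'] = __('Your existing password');
                $installation_log[] = '>>> ' . __('Key master role assigned to existing user');
                $installation_log[] = '>>>>>> ' . __('Username:') . ' ' . $data3['keymaster_user_login']['value'];
                $installation_log[] = '>>>>>> ' . __('Email address:') . ' ' . $data3['keymaster_user_email']['value'];
                $installation_log[] = '>>>>>> ' . __('Password:') . ' ' . $data4['keymaster_user_password']['value'];
                $keymaster_created = true;
            } else {
                $installation_log[] = '>>> ' . __('Key master role could not be assigned to existing user!');
                $installation_log[] = '>>>>>> ' . __('Halting installation!');
                $error_log[] = __('Key master could not be created!');
                $this->step_status[4] = 'incomplete';
                $this->strings[4]['h2'] = __('Installation failed!');
                $this->strings[4]['messages']['error'][] = __('The key master could not be assigned. You may need to replace bbPress with a fresh copy and start again.');
                $data4['installation_log']['value'] = join("\n", $installation_log);
                $data4['error_log']['value'] = join("\n", $error_log);
                return 'incomplete';
            }
            break;
    }

    // Don't create an initial forum if any forums already exist
    if (!$bbdb->get_results('SELECT `forum_id` FROM `' . $bbdb->forums . '` LIMIT 1;')) {
        // Default content is created in the site language (BB_LANG); the
        // locale is switched back to the installer language for log lines.
        if ($this->language != BB_LANG) {
            global $locale, $l10n;
            $locale = BB_LANG;
            unset($l10n['default']);
            bb_load_default_textdomain();
        }

        $description = __('Just another bbPress community');
        bb_update_option('description', $description);

        if ($this->language != BB_LANG) {
            $locale = $this->language;
            unset($l10n['default']);
            bb_load_default_textdomain();
        }

        $installation_log[] = '>>> ' . __('Description:') . ' ' . $description;

        if ($forum_id = bb_new_forum(array('forum_name' => $data3['forum_name']['value']))) {
            $installation_log[] = '>>> ' . __('Forum name:') . ' ' . $data3['forum_name']['value'];

            if ($this->language != BB_LANG) {
                $locale = BB_LANG;
                unset($l10n['default']);
                bb_load_default_textdomain();
            }

            $topic_title = __('Your first topic');
            $topic_id = bb_insert_topic(array('topic_title' => $topic_title, 'forum_id' => $forum_id, 'tags' => 'bbPress'));
            $post_text = __('First Post! w00t.');
            bb_insert_post(array('topic_id' => $topic_id, 'post_text' => $post_text));

            if ($this->language != BB_LANG) {
                $locale = $this->language;
                unset($l10n['default']);
                bb_load_default_textdomain();
            }

            $installation_log[] = '>>>>>> ' . __('Topic:') . ' ' . $topic_title;
            $installation_log[] = '>>>>>>>>> ' . __('Post:') . ' ' . $post_text;
        } else {
            $installation_log[] = '>>> ' . __('Forum could not be created!');
            $error_log[] = __('Forum could not be created!');
        }
    } else {
        $installation_log[] = '>>> ' . __('There are existing forums in this database.');
        $installation_log[] = '>>>>>> ' . __('No new forum created.');
        $error_log[] = __('Forums already exist!');
    }

    if (defined('BB_PLUGIN_DIR') && BB_PLUGIN_DIR && !file_exists(BB_PLUGIN_DIR)) {
        // Just suppress errors as this is not critical
        if (@mkdir(BB_PLUGIN_DIR, 0750)) {
            $installation_log[] = '>>> ' . sprintf(__('Making plugin directory at %s.'), BB_PLUGIN_DIR);
        }
    }

    if (defined('BB_THEME_DIR') && BB_THEME_DIR && !file_exists(BB_THEME_DIR)) {
        // Just suppress errors as this is not critical
        if (@mkdir(BB_THEME_DIR, 0750)) {
            $installation_log[] = '>>> ' . sprintf(__('Making theme directory at %s.'), BB_THEME_DIR);
        }
    }

    if ($keymaster_created) {
        // NOTE(review): the key master password is sent by email in clear
        // text; for a newly created user this is the generated password.
        $keymaster_email_message = sprintf(
            __("Your new bbPress site has been successfully set up at:\n\n%1\$s\n\nYou can log in to the key master account with the following information:\n\nUsername: %2\$s\nPassword: %3\$s\n\nWe hope you enjoy your new forums. Thanks!\n\n--The bbPress Team\nhttp://bbpress.org/"),
            bb_get_uri(null, null, BB_URI_CONTEXT_TEXT),
            $data3['keymaster_user_login']['value'],
            $data4['keymaster_user_password']['value']
        );

        if (bb_mail($data3['keymaster_user_email']['value'], __('New bbPress installation'), $keymaster_email_message)) {
            $installation_log[] = '>>> ' . __('Key master email sent');
        } else {
            $installation_log[] = '>>> ' . __('Key master email not sent!');
            $error_log[] = __('Key master email not sent!');
        }
    }

    if (count($error_log)) {
        $this->strings[4]['h2'] = __('Installation completed with some errors!');
        $this->strings[4]['messages']['error'][] = __('Your installation completed with some minor errors. See the error log below for more specific information.');
        $installation_log[] = "\n" . __('There were some errors encountered during installation!');
    } else {
        $this->strings[4]['messages']['message'][] = __('Your installation completed successfully.');
        $installation_log[] = "\n" . __('Installation complete!');
    }

    $this->step_status[4] = 'complete';
    $data4['installation_log']['value'] = join("\n", $installation_log);
    $data4['error_log']['value'] = join("\n", $error_log);

    return 'complete';
}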
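/**
 * Process the files uploaded in $_FILES['bb_attachments'] for one post.
 *
 * Each file is moved to a temporary name, checked against the configured
 * extension, MIME type, size and per-post limits, recorded in the attachments
 * table and, when every check passes, renamed into a numbered sub-directory of
 * the attachment path. Nothing is processed unless the current user may edit
 * the post and holds the configured upload role.
 *
 * @param int $post_id Post receiving the attachments; when empty it is read
 *                     from $_GET['bb_attachments'].
 * @param int $display When truthy the result list is echoed. Otherwise, if
 *                     inline auto-insertion is enabled, [attachment=...] tags
 *                     for uploaded images are appended to the post text and
 *                     the post is saved again through bb_insert_post().
 * @return void
 */
function bb_attachments_process_post($post_id = 0, $display = 0)
{
    global $bbdb, $bb_attachments;

    if (!$post_id && isset($_GET['bb_attachments'])) {
        $post_id = $_GET['bb_attachments'];
    }
    // The id is interpolated into SQL and into script output below, so force it to an integer.
    $post_id = intval($post_id);

    // Uploading is only allowed for users who may edit the post and hold the upload role.
    $user_id = bb_get_current_user_info('id');
    if (!isset($_FILES['bb_attachments']) || !is_array($_FILES['bb_attachments']) || !$user_id || !$post_id
        || !bb_current_user_can('edit_post', $post_id) || !bb_current_user_can($bb_attachments['role']['upload'])) {
        return;
    }

    $user_ip = $_SERVER["REMOTE_ADDR"];
    $time = time();
    $inject = "";
    $bb_post = bb_get_post($post_id);
    $topic_id = $bb_post->topic_id;
    // Attachment count stored on the topic (may be off if the post was moved).
    $topic_attachments = intval(bb_get_topicmeta($topic_id, "bb_attachments"));
    // Attachments currently accepted on this post.
    $count = intval($bbdb->get_var("SELECT COUNT(*) FROM " . $bb_attachments['db'] . " WHERE post_id = {$post_id} AND status = 0"));
    $offset = 0; // files accepted during this call
    $strip = array(' ', '`', '"', '\'', '\\', '/', '..', '__'); // sequences replaced by "_" in file names
    $maxlength = bb_attachments_lookup($bb_attachments['max']['filename']);
    $output = "<h3>" . __("Uploads") . "</h3><ol>";

    // each() no longer exists in PHP 8; foreach walks the same key/value pairs.
    $names = isset($_FILES['bb_attachments']['name']) && is_array($_FILES['bb_attachments']['name'])
        ? $_FILES['bb_attachments']['name']
        : array();

    foreach ($names as $key => $value) {
        if (empty($value)) {
            continue;
        }

        // Reset per-file state so a failed file can never reuse the id, size or
        // paths left over from the previous file in this request.
        $id = 0;
        $size = 0;
        $ext = "";
        $mime = "";
        $tmp = "";
        $file = "";
        $failed = false;

        // The client-supplied type and size are not trusted; size and MIME type
        // are re-read from the stored file after the move.
        $filename = trim(str_replace($strip, '_', stripslashes($value)));
        if (empty($filename)) {
            $filename = "unknown";
        }

        if (intval($_FILES['bb_attachments']['error'][$key]) == 0 && $_FILES['bb_attachments']['size'][$key] > 0) {
            // NOTE(review): only the text after the last dot is checked against the
            // allow-list, while the stored name keeps any earlier dots. Confirm the
            // attachment directory is not served by a handler that acts on inner extensions.
            $dot = strrpos($filename, '.');
            $ext = $dot === false ? "" : trim(strtolower(substr($filename, $dot + 1)));
            if (strlen($filename) > $maxlength) {
                // shorten an over-long name but keep its extension
                $filename = substr($filename, 0, $maxlength - strlen($ext) + 1) . "." . $ext;
            }

            // NOTE(review): rand() and time() are predictable, so this temporary name
            // avoids collisions but should not be treated as a secret.
            $tmp = $bb_attachments['path'] . md5(rand(0, 99999) . time() . $_FILES['bb_attachments']['tmp_name'][$key]);
            if (@is_uploaded_file($_FILES['bb_attachments']['tmp_name'][$key]) && @move_uploaded_file($_FILES['bb_attachments']['tmp_name'][$key], $tmp)) {
                $size = filesize($tmp);
                $mime = bb_attachments_mime_type($tmp);
                $status = 0;
            } else {
                $status = 2; // moving the upload to its temporary name failed
                $size = $_FILES['bb_attachments']['size'][$key]; // reported size is only recorded, the upload already failed
                $mime = "";
            }

            if ($status == 0 && !in_array($ext, bb_attachments_lookup($bb_attachments['allowed']['extensions']))) {
                $status = 3; // disallowed extension
            }
            if ($status == 0 && !in_array($mime, bb_attachments_lookup($bb_attachments['allowed']['mime_types']))) {
                $status = 4; // disallowed MIME type
            }
            if ($status == 0 && $size > bb_attachments_lookup($bb_attachments['max']['size'], $ext)) {
                $status = 5; // too large
            }
            if ($status == 0 && $count + 1 > bb_attachments_lookup($bb_attachments['max']['per_post'])) {
                $status = 6; // too many attachments on the post
            }

            if ($size > 0 && $filename) {
                // The row is written even for rejected files so the status code is kept.
                // Every string that comes from the request or from the file is escaped
                // before interpolation. addslashes() matches what this function already
                // used for ext and filename; a prepared statement is preferable if the
                // database object offers one.
                $failed = $bbdb->get_var(
                    "INSERT INTO " . $bb_attachments['db']
                    . " ( time , post_id , user_id, user_ip, status , size , ext , mime , filename )"
                    . " VALUES ('{$time}', '{$post_id}' , '{$user_id}' , inet_aton('" . addslashes($user_ip) . "') , "
                    . intval($status) . ", '" . intval($size) . "', '" . addslashes($ext) . "', '" . addslashes($mime)
                    . "', '" . addslashes($filename) . "')"
                );

                // Per the original author, get_var() yields NULL for a successful INSERT,
                // so a truthy $failed is treated as a database error.
                if ($status == 0 && !$failed) {
                    $id = intval($bbdb->get_var("SELECT LAST_INSERT_ID()")); // id assigned to the new row
                }
                // NOTE(review): a rejected file (status 3-6) never gets an id, so this also
                // replaces its specific status with 2 for the message shown below.
                if ($failed || !$id) {
                    $status = 2;
                }

                if ($status == 0) {
                    $dir = $bb_attachments['path'] . floor($id / 1000);

                    if (function_exists('get_current_user') && function_exists('posix_setuid')) {
                        // When running as uid 0, try to create the file and directory under the script owner's account.
                        $current = get_current_user();
                        if (!($current && !in_array($current, array("nobody", "httpd", "apache", "root")) && strpos(__FILE__, $current))) {
                            $current = "";
                        }
                        $x = posix_getuid();
                        if (0 == $x && $current) {
                            $org_uid = posix_getuid();
                            $pw_info = posix_getpwnam($current);
                            $uid = $pw_info["uid"];
                            posix_setuid($uid);
                        }
                    }

                    if (!file_exists($dir)) {
                        // one sub-directory per thousand attachment ids
                        $oldumask = umask(0);
                        @mkdir($dir, 0755);
                        umask($oldumask);
                    }

                    $file = $dir . "/" . $id . "." . $filename;
                    if (!$failed && $id > 0 && file_exists($tmp)) {
                        @rename($tmp, $file);
                        // NOTE(review): 0777 leaves the stored upload world-writable and
                        // executable; the original author chose it for FTP management.
                        // Confirm whether a tighter mode works for this deployment.
                        @chmod($file, 0777);
                        if ($bb_attachments['aws']['enable']) {
                            bb_attachments_aws("{$dir}/", "{$id}.{$filename}", $mime); // copy to S3
                        }
                        $count++;
                        $offset++;
                    } else {
                        $status = 2; // could not commit the file; not necessarily the user's fault
                    }

                    if (isset($org_uid) && $org_uid > 0 && function_exists('posix_setuid')) {
                        posix_setuid($org_uid);
                    }
                }
            } elseif ($status == 0) {
                $status = 2; // nothing was stored, so do not report success
            }
        } else {
            $status = 2;
        }

        // A temporary file must never outlive the request.
        if (!empty($tmp) && file_exists($tmp)) {
            @unlink($tmp);
        }

        // The file name comes from the client; encode it before it is placed in HTML.
        $safe_name = htmlspecialchars($filename, ENT_QUOTES);
        $size_label = " <span class='num'>(" . round($size / 1024, 1) . " KB)</span> ";

        if ($status > 0) {
            if ($id > 0) {
                // Column names must not be wrapped in single quotes: MySQL reads
                // 'status' as a string literal and rejects the statement.
                $bbdb->query("UPDATE " . $bb_attachments['db'] . " SET `status` = " . intval($status) . " WHERE `id` = " . intval($id));
            }
            $error = "";
            if ($_FILES['bb_attachments']['error'][$key] > 0) {
                $error = " (" . $bb_attachments['errors'][$_FILES['bb_attachments']['error'][$key]] . ") ";
            }
            $output .= "<li><span style='color:red'><strong>{$safe_name} " . $size_label . __('error:') . " " . $bb_attachments['status'][$status] . "</strong>{$error}</span></li>";
        } else {
            $output .= "<li><span style='color:green'><strong>{$safe_name} " . $size_label . __('successful') . "</strong></span></li>";
            if ($bb_attachments['inline']['auto'] && (list($width, $height, $type) = getimagesize($file))) {
                if ($display) {
                    $location = bb_attachments_location();
                    $can_inline = $bb_attachments['role']['inline'] == "read" || bb_current_user_can($bb_attachments['role']['inline']);
                    if ($location == "edit.php" && $can_inline) {
                        // Appends the new attachment tag to the first textarea when the edit form is present.
                        // Both interpolated values are integers.
                        $output .= '<scr' . 'ipt type="text/javascript" defer="defer"> bbat_field = document.getElementsByTagName("textarea")[0]; bbat_value=" [attachment="+' . $post_id . '+","+' . $id . '+"] "; bbat_field.value += bbat_value;</script>';
                    }
                } else {
                    $inject .= " [attachment={$post_id},{$id}]";
                }
            }
        }
    }

    $output .= "</ol>";
    if ($display) {
        echo $output;
    } elseif (!empty($inject) && $bb_attachments['inline']['auto']) {
        // auto-inject the attachment tags into the stored post
        $bb_post->post_text = apply_filters('edit_text', $bb_post->post_text . $inject);
        bb_insert_post($bb_post);
    }
    bb_update_topicmeta($topic_id, 'bb_attachments', $topic_attachments + $offset);
}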
/**
 * Replace the text of an existing post.
 *
 * Slashes are stripped from the text, which is then handed to bb_insert_post()
 * together with the post and topic ids.
 *
 * @param string $post_text New post text, still slashed.
 * @param int    $post_id   Id passed to bb_insert_post() as 'post_id'.
 * @param int    $topic_id  Id passed to bb_insert_post() as 'topic_id'.
 * @return mixed Whatever bb_insert_post() returns.
 */
function bb_update_post($post_text, $post_id, $topic_id)
{
    $fields = array(
        'post_text' => stripslashes($post_text),
        'post_id' => $post_id,
        'topic_id' => $topic_id,
    );

    return bb_insert_post($fields);
}
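// Edit handler: stores the submitted text (and, for a topic's first post, the
// topic title), then redirects back to the post.
require './bb-load.php';

// Only logged-in users may reach this handler.
bb_auth('logged_in');

// Request fields are read defensively: a missing or non-string field is treated
// as empty instead of raising a notice or a type error.
$post_id = isset($_POST['post_id']) ? (int) $_POST['post_id'] : 0;
$bb_post = bb_get_post($post_id);

if (!$bb_post) {
    wp_redirect(bb_get_uri(null, null, BB_URI_CONTEXT_HEADER));
    die;
}

// Authorisation is checked before anything is written.
if (!bb_current_user_can('edit_post', $post_id)) {
    bb_die(__('Sorry, post is too old.'));
}

// The referer check is bound to this post id through its action string, so a
// token issued for one post is not accepted for another.
bb_check_admin_referer('edit-post_' . $post_id);

if (0 != $bb_post->post_status && isset($_GET['view']) && 'all' == $_GET['view']) {
    // We're trying to edit a deleted post
    add_filter('bb_is_first_where', 'bb_no_where');
}

$topic_title = isset($_POST['topic']) && is_string($_POST['topic']) ? $_POST['topic'] : '';
$post_content = isset($_POST['post_content']) && is_string($_POST['post_content']) ? $_POST['post_content'] : '';

// The title is only touched for the first post of a topic, and only with the edit_topic capability.
if (bb_is_first($bb_post->post_id) && bb_current_user_can('edit_topic', $bb_post->topic_id)) {
    bb_insert_topic(array('topic_title' => stripslashes($topic_title), 'topic_id' => $bb_post->topic_id));
}

bb_insert_post(array('post_text' => stripslashes($post_content), 'post_id' => $post_id, 'topic_id' => $bb_post->topic_id));

if ($post_id) {
    if (isset($_REQUEST['view']) && $_REQUEST['view'] === 'all') {
        add_filter('get_post_link', 'bb_make_link_view_all');
    }
    $post_link = get_post_link($post_id);
    wp_redirect($post_link);
} else {
    wp_redirect(bb_get_uri(null, null, BB_URI_CONTEXT_HEADER));
}
exit;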
/**
 * Create a forum post, or update one when an existing post id is given.
 *
 * The arguments are merged over the defaults below and handed to
 * bb_insert_post(). When the result is truthy the 'bp_forums_new_post' action
 * fires with the post id.
 *
 * @param array|string $args Values for post_id, topic_id, post_text, post_time,
 *                           poster_id, poster_ip, post_status and post_position.
 *                           Fields left out take the defaults below.
 * @return mixed Whatever bb_insert_post() returns.
 */
function bp_forums_insert_post( $args = '' ) {
	global $bp;

	do_action( 'bbpress_init' );

	$r = wp_parse_args( $args, array(
		'post_id'       => false,
		'topic_id'      => false,
		'post_text'     => '',
		'post_time'     => date( 'Y-m-d H:i:s' ),
		'poster_id'     => $bp->loggedin_user->id, // accepts ids or names
		'poster_ip'     => $_SERVER['REMOTE_ADDR'],
		'post_status'   => 0, // use bb_delete_post() instead
		'post_position' => false,
	) );

	// Look the post up first; an id that matches nothing is treated as "no post".
	$post    = bp_forums_get_post( $r['post_id'] );
	$post_id = $post ? $r['post_id'] : false;

	// Fields the caller left unset (or, for the text, empty) are read from the looked-up post.
	$topic_id      = isset( $r['topic_id'] ) ? $r['topic_id'] : $post->topic_id;
	$post_text     = empty( $r['post_text'] ) ? $post->post_text : $r['post_text'];
	$post_time     = isset( $r['post_time'] ) ? $r['post_time'] : $post->post_time;
	$post_position = isset( $r['post_position'] ) ? $r['post_position'] : $post->post_position;

	$post_id = bb_insert_post( array(
		'post_id'       => $post_id,
		'topic_id'      => $topic_id,
		'post_text'     => stripslashes( trim( $post_text ) ),
		'post_time'     => $post_time,
		'poster_id'     => $r['poster_id'],
		'poster_ip'     => $r['poster_ip'],
		'post_status'   => $r['post_status'],
		'post_position' => $post_position,
	) );

	if ( $post_id ) {
		do_action( 'bp_forums_new_post', $post_id );
	}

	return $post_id;
}
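/**
 * Create a forum topic and its first post from a tweet.
 *
 * The topic is created in the 'general' forum with '#dhanswers' removed from
 * the title. The tweet id is stored as topic meta under 'tweetid' (used for
 * duplicate detection), and the full tweet becomes the topic's post.
 *
 * NOTE(review): title, text and tags come from an external service and are
 * passed on unchanged; this presumably relies on the sanitising done inside
 * bb_insert_topic() and bb_insert_post() - confirm.
 *
 * @param mixed  $t_user  Twitter user, resolved to a forum user id with bw_get_id_from_user().
 * @param mixed  $t_id    Tweet id stored as the 'tweetid' topic meta.
 * @param string $t_title Topic title.
 * @param string $t_tweet Full tweet text used as the post text.
 * @param mixed  $t_tags  Tags passed to bb_insert_topic().
 * @return void
 */
function bw_insert_tweet($t_user, $t_id, $t_title, $t_tweet, $t_tags)
{
    // Resolve the poster once; the topic and the post share it.
    $poster_id = bw_get_id_from_user($t_user);

    // add a new topic by "Twitter User"
    $new_topic = bb_insert_topic(array(
        'topic_title' => str_ireplace('#dhanswers', '', $t_title),
        'topic_poster' => $poster_id,
        'forum_id' => 'general',
        'tags' => $t_tags,
    ));

    // Without a topic there is nothing to attach the tweet id or the post to.
    // Assumes bb_insert_topic() returns a falsy value on failure - TODO confirm.
    if (!$new_topic) {
        return;
    }

    // add the tweet guid to the meta table for duplication
    bb_update_topicmeta($new_topic, 'tweetid', $t_id);

    // add a new post to this topic with the full tweet
    // The poster IP is fixed to loopback, so the stored IP does not identify the origin of the content.
    bb_insert_post(array(
        'topic_id' => $new_topic,
        'post_text' => $t_tweet,
        'poster_id' => $poster_id,
        'poster_ip' => '127.0.0.1',
    ));
}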
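/**
 * Replace references to imported Ning image files in a piece of content with
 * the URLs of sideloaded media, then save the content back.
 *
 * The text is loaded according to $post_type, scanned for quoted paths of the
 * form "$type/....(gif|jpg|jpeg|png|bmp)", and each distinct image is
 * sideloaded from the '/ning-files/' content URL. Nothing is saved when the
 * text holds no such path or the item cannot be loaded.
 *
 * @param string $type      Leading path segment of the image references. It is
 *                          placed in the pattern as-is.
 *                          NOTE(review): callers presumably pass a plain
 *                          directory name; if it can contain regex
 *                          metacharacters it should go through preg_quote().
 * @param int    $post_ID   Id of the post, topic, reply or comment.
 * @param string $post_type One of 'post', 'topic', 'topic_reply' or 'comment'.
 * @return void
 */
function bp_ning_import_process_inline_images_new($type, $post_ID, $post_type = 'post')
{
    switch ($post_type) {
        case 'post':
            $post = get_post($post_ID);
            if (!$post) {
                return;
            }
            $text = $post->post_content;
            break;
        case 'topic':
            $topic = bb_get_first_post($post_ID);
            if (!$topic) {
                return;
            }
            // From here on the id refers to the topic's first post.
            $post_ID = (int) $topic->post_id;
            $text = $topic->post_text;
            break;
        case 'topic_reply':
            $reply = bb_get_post($post_ID);
            if (!$reply) {
                return;
            }
            $text = $reply->post_text;
            break;
        case 'comment':
            $comment = get_comment($post_ID);
            if (!$comment) {
                return;
            }
            $text = $comment->comment_content;
            break;
        default:
            // Unknown type: there is no text to scan.
            return;
    }

    $ning_dir = content_url('/ning-files/');
    $real_images = array(); // real image name => sideloaded URL, so each image is fetched once

    // Only worry about local images
    if (!preg_match_all('#"(' . $type . '/.*?\\.(?:gif|jpg|jpeg|png|bmp))(?:\\?(?:[^"]*?))?"#', $text, $images)) {
        return;
    }

    // $images[1] holds the matched file paths
    foreach ($images[1] as $image) {
        $real_name = bp_ning_real_image_name($image);

        if (!isset($real_images[$real_name])) {
            $html = media_sideload_image($ning_dir . $image, $post_ID);
            if (is_wp_error($html)) {
                continue;
            }
            // Leave the reference untouched when no URL can be read from the returned
            // markup; replacing it with an empty value would drop the image path.
            if (!preg_match("#<img src='(.*?)'#", $html, $matches)) {
                continue;
            }
            $real_images[$real_name] = $matches[1];
        }

        $text = str_replace($image, $real_images[$real_name], $text);
    }

    switch ($post_type) {
        case 'post':
            $args = array('ID' => $post_ID, 'post_content' => $text);
            $args = add_magic_quotes($args);
            wp_update_post($args);
            break;
        case 'topic':
        case 'topic_reply':
            $args = array('post_id' => $post_ID, 'post_text' => $text);
            bb_insert_post($args);
            break;
        case 'comment':
            $args = array('comment_ID' => $post_ID, 'comment_content' => $text);
            wp_update_comment($args);
            break;
    }
}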