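/**
 * Toggle reply
 *
 * Handles the admin-side approving/unapproving and spamming/unspamming of
 * replies, driven by a GET request that carries `action` and `reply_id`.
 *
 * Checks run in this order before any state is changed:
 * - the request must be a GET for one of the two toggle actions handled here;
 * - the reply must exist;
 * - the current user must hold the 'moderate' capability for that reply
 *   (authorization);
 * - check_admin_referer() must accept the per-action, per-reply nonce
 *   (CSRF protection, needed because the change is triggered by a GET link).
 *
 * @since 2.0.0 bbPress (r2740)
 *
 * @uses bbp_get_reply() To get the reply
 * @uses current_user_can() To check if the user is capable of moderating
 *                          the reply
 * @uses wp_die() To die if the user isn't capable or the post wasn't
 *                found
 * @uses check_admin_referer() To verify the nonce and check referer
 * @uses bbp_is_reply_pending() To check if the reply is pending
 * @uses bbp_approve_reply() To approve the reply
 * @uses bbp_unapprove_reply() To unapprove the reply
 * @uses bbp_is_reply_spam() To check if the reply is marked as spam
 * @uses bbp_unspam_reply() To unmark the reply as spam
 * @uses bbp_spam_reply() To mark the reply as spam
 * @uses do_action() Calls 'bbp_toggle_reply_admin' with success, post
 *                   data, action and message
 * @uses add_query_arg() To add custom args to the url
 * @uses bbp_redirect() Redirect the page to custom url
 */
public function toggle_reply() {
    if ($this->bail()) {
        return;
    }

    // Only proceed if GET is a reply toggle action. The allow-list match is
    // strict, so only an exact string equal to a known action name passes.
    $toggle_actions = array('bbp_toggle_reply_spam', 'bbp_toggle_reply_approve');
    if (
        !bbp_is_get_request()
        || empty($_GET['action'])
        || !in_array($_GET['action'], $toggle_actions, true)
        || empty($_GET['reply_id'])
    ) {
        return;
    }

    $action    = $_GET['action'];          // What action is taking place?
    $reply_id  = (int) $_GET['reply_id'];  // What's the reply id?
    $success   = false;                    // Flag
    $post_data = array('ID' => $reply_id); // Prelim array
    $notice    = '';                       // Notice key for the redirect

    // Get reply and die if empty
    $reply = bbp_get_reply($reply_id);
    if (empty($reply)) {
        wp_die(__('The reply was not found!', 'bbpress'));
    }

    // What is the user doing here? Authorization comes before the nonce
    // check; both must pass before the reply is modified.
    if (!current_user_can('moderate', $reply->ID)) {
        wp_die(__('You do not have the permission to do that!', 'bbpress'));
    }

    switch ($action) {
        case 'bbp_toggle_reply_approve':
            // Nonce action is bound to both the operation and the reply id.
            check_admin_referer('approve-reply_' . $reply_id);

            $is_approve = bbp_is_reply_pending($reply_id);
            $notice     = $is_approve ? 'approved' : 'unapproved';
            $success    = $is_approve
                ? bbp_approve_reply($reply_id)
                : bbp_unapprove_reply($reply_id);
            break;

        case 'bbp_toggle_reply_spam':
            check_admin_referer('spam-reply_' . $reply_id);

            $is_spam = bbp_is_reply_spam($reply_id);
            $notice  = $is_spam ? 'unspammed' : 'spammed';
            $success = $is_spam
                ? bbp_unspam_reply($reply_id)
                : bbp_spam_reply($reply_id);
            break;
    }

    // Query args appended to the redirect. Every value is either a fixed
    // keyword chosen above or the id of the loaded reply.
    $message = array(
        'bbp_reply_toggle_notice' => $notice,
        'reply_id'                => $reply->ID,
    );

    if (false === $success || is_wp_error($success)) {
        $message['failed'] = '1';
    }

    // Do additional reply toggle actions (admin side)
    do_action('bbp_toggle_reply_admin', $success, $post_data, $action, $message);

    // Redirect back to the reply, dropping the one-shot toggle args so a
    // reload of the resulting page does not repeat the request.
    $redirect = add_query_arg($message, remove_query_arg(array('action', 'reply_id')));
    bbp_redirect($redirect);
}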
/**
 * Verifies that bbp_is_reply_pending() follows a reply through an
 * unapprove / approve round trip.
 *
 * @covers ::bbp_is_reply_pending
 */
public function test_bbp_is_reply_pending() {
    // Build the forum > topic hierarchy the replies are attached to.
    $forum_id = $this->factory->forum->create();
    $topic_id = $this->factory->topic->create(array(
        'post_parent' => $forum_id,
        'topic_meta'  => array('forum_id' => $forum_id),
    ));

    $reply_args = array(
        'post_parent' => $topic_id,
        'reply_meta'  => array(
            'forum_id' => $forum_id,
            'topic_id' => $topic_id,
        ),
    );

    // A first reply is created in the same topic; it is never toggled and
    // nothing is asserted about it.
    $untouched_reply_id = $this->factory->reply->create($reply_args);

    // The reply whose moderation state is exercised.
    $toggled_reply_id = $this->factory->reply->create($reply_args);

    // Unapproving must make the reply report as pending...
    bbp_unapprove_reply($toggled_reply_id);
    $this->assertTrue(bbp_is_reply_pending($toggled_reply_id));

    // ...and approving it again must clear the pending state.
    bbp_approve_reply($toggled_reply_id);
    $this->assertFalse(bbp_is_reply_pending($toggled_reply_id));
}
/**
 * Do the actual reply toggling
 *
 * Worker used by `bbp_toggle_reply_handler()`. It verifies the nonce for the
 * requested operation and then changes the reply's state.
 *
 * This function contains no capability check of its own: the only gate in
 * its body is check_ajax_referer(). A nonce protects against request forgery
 * but does not authorize the user, so any direct caller must perform the
 * same permission checks the handler does before calling in here.
 *
 * @since 2.6.0 bbPress (r6133)
 * @access private
 *
 * @param array $args Supports these keys:
 *  - id:         Reply id
 *  - action:     One of 'bbp_toggle_reply_approve', 'bbp_toggle_reply_spam'
 *                or 'bbp_toggle_reply_trash'
 *  - sub_action: For the trash action: 'trash', 'untrash' or 'delete'
 *  - data:       Defaults to an empty array; not read in this function
 * @return array Filtered array with the keys 'status', 'message',
 *               'redirect_to' and 'view_all'. 'message' holds the text for
 *               the failure case and is set whether or not the operation
 *               succeeded.
 */
function bbp_toggle_reply($args = array()) {

    // Merge the caller's arguments over the defaults
    $defaults = array(
        'id'         => 0,
        'action'     => '',
        'sub_action' => '',
        'data'       => array(),
    );
    $r = bbp_parse_args($args, $defaults);

    // Every nonce action ends in "<post type>_<id>", which binds the nonce
    // to one specific reply.
    // NOTE(review): the id is cast to int only here; the state-changing calls
    // below receive $r['id'] as passed in - confirm callers always pass an int.
    $nonce_suffix = bbp_get_reply_post_type() . '_' . (int) $r['id'];

    // Where to send the user afterwards
    $redirect_to = bbp_get_reply_url($r['id'], bbp_get_redirect_to());

    // Result returned when no known action / sub-action matches
    $retval = array(
        'status'      => 0,
        'message'     => '',
        'redirect_to' => $redirect_to,
        'view_all'    => false,
    );

    switch ($r['action']) {

        // Approve a pending reply, or unapprove a non-pending one
        case 'bbp_toggle_reply_approve':
            check_ajax_referer('approve-' . $nonce_suffix);

            $is_pending = bbp_is_reply_pending($r['id']);
            if ($is_pending) {
                $retval['status']  = bbp_approve_reply($r['id']);
                $retval['message'] = __('<strong>ERROR</strong>: There was a problem approving the reply.', 'bbpress');
            } else {
                $retval['status']  = bbp_unapprove_reply($r['id']);
                $retval['message'] = __('<strong>ERROR</strong>: There was a problem unapproving the reply.', 'bbpress');
            }
            $retval['view_all'] = !$is_pending;
            break;

        // Mark as spam, or unmark a reply that already is spam
        case 'bbp_toggle_reply_spam':
            check_ajax_referer('spam-' . $nonce_suffix);

            $was_spam = bbp_is_reply_spam($r['id']);
            if ($was_spam) {
                $retval['status']  = bbp_unspam_reply($r['id']);
                $retval['message'] = __('<strong>ERROR</strong>: There was a problem unmarking the reply as spam.', 'bbpress');
            } else {
                $retval['status']  = bbp_spam_reply($r['id']);
                $retval['message'] = __('<strong>ERROR</strong>: There was a problem marking the reply as spam.', 'bbpress');
            }
            $retval['view_all'] = !$was_spam;
            break;

        // Trash, untrash or permanently delete
        case 'bbp_toggle_reply_trash':

            // Each sub-action has its own nonce action, so a nonce issued for
            // "trash" is not accepted for "delete".
            switch ($r['sub_action']) {
                case 'trash':
                    check_ajax_referer('trash-' . $nonce_suffix);

                    $retval['view_all'] = true;
                    $retval['status']   = wp_trash_post($r['id']);
                    $retval['message']  = __('<strong>ERROR</strong>: There was a problem trashing the reply.', 'bbpress');
                    break;

                case 'untrash':
                    check_ajax_referer('untrash-' . $nonce_suffix);

                    $retval['status']  = wp_untrash_post($r['id']);
                    $retval['message'] = __('<strong>ERROR</strong>: There was a problem untrashing the reply.', 'bbpress');
                    break;

                case 'delete':
                    check_ajax_referer('delete-' . $nonce_suffix);

                    $retval['status']  = wp_delete_post($r['id']);
                    $retval['message'] = __('<strong>ERROR</strong>: There was a problem deleting the reply.', 'bbpress');
                    break;
            }
            break;
    }

    // Add view all if needed
    if (!empty($retval['view_all'])) {
        $retval['redirect_to'] = bbp_add_view_all($retval['redirect_to'], true);
    }

    // Filter & return
    return apply_filters('bbp_toggle_reply', $retval, $r, $args);
}
/**
 * Return the approve link of the reply
 *
 * Builds a nonce-protected "Approve" / "Unapprove" link for a reply. Nothing
 * is returned when the reply does not exist or the current user lacks the
 * 'moderate' capability for it. Hiding the link is a display decision only;
 * the request it triggers has to be authorized again where it is handled.
 *
 * The link text and the 'link_before' / 'link_after' wrappers are placed in
 * the markup as given, without escaping, so callers must pass trusted values.
 * Only the URL is escaped (esc_url()).
 *
 * @since 2.6.0 bbPress (r5507)
 *
 * @param array $args This function supports these args:
 *  - id: Optional. Reply id
 *  - link_before: Before the link
 *  - link_after: After the link
 *  - sep: Separator between links (accepted, but not used in this function)
 *  - approve_text: Approve text
 *  - unapprove_text: Unapprove text
 * @uses bbp_get_reply() To get the reply
 * @uses current_user_can() To check if the current user can approve the reply
 * @uses bbp_is_reply_pending() To check if the reply is pending
 * @uses add_query_arg() To add custom args to the url
 * @uses wp_nonce_url() To nonce the url
 * @uses esc_url() To escape the url
 * @uses apply_filters() Calls 'bbp_get_reply_approve_link' with the link
 *                        and args
 * @return string|null Reply approve link, or null when no link is built
 */
function bbp_get_reply_approve_link($args = array()) {

    // Parse arguments against default values
    $defaults = array(
        'id'             => 0,
        'link_before'    => '',
        'link_after'     => '',
        'sep'            => ' | ',
        'approve_text'   => _x('Approve', 'Pending Status', 'bbpress'),
        'unapprove_text' => _x('Unapprove', 'Pending Status', 'bbpress'),
    );
    $r = bbp_parse_args($args, $defaults, 'get_reply_approve_link');

    // No reply, no link
    $reply = bbp_get_reply($r['id']);
    if (empty($reply)) {
        return;
    }

    // Only moderators of this reply get to see the link
    if (!current_user_can('moderate', $reply->ID)) {
        return;
    }

    // A pending reply offers "approve", anything else offers "unapprove"
    if (bbp_is_reply_pending($reply->ID)) {
        $display = $r['approve_text'];
    } else {
        $display = $r['unapprove_text'];
    }

    // add_query_arg() is called without a base URL, so the args are added to
    // the URL of the current request; the result goes through esc_url() below
    // before it reaches the markup.
    $query_args = array(
        'action'   => 'bbp_toggle_reply_approve',
        'reply_id' => $reply->ID,
    );

    // The nonce action names both the operation and the reply id
    $uri = wp_nonce_url(add_query_arg($query_args), 'approve-reply_' . $reply->ID);

    $anchor = '<a href="' . esc_url($uri) . '" class="bbp-reply-approve-link">' . $display . '</a>';
    $retval = $r['link_before'] . $anchor . $r['link_after'];

    return apply_filters('bbp_get_reply_approve_link', $retval, $r, $args);
}
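/**
 * Handles the front end approving/unapproving, spamming/unspamming and
 * trashing/untrashing/deleting of replies
 *
 * Checks run in this order before any state is changed: the action must be
 * on the allow-list, the reply must exist, the current user must pass the
 * capability check, and check_ajax_referer() must accept the nonce that is
 * bound to the specific operation and reply id.
 *
 * @since 2.0.0 bbPress (r2740)
 *
 * @param string $action The requested action to compare this function to
 * @uses bbp_get_reply() To get the reply
 * @uses current_user_can() To check if the user is capable of editing or
 *                          deleting the reply
 * @uses check_ajax_referer() To verify the nonce and check the referer
 * @uses bbp_get_reply_post_type() To get the reply post type
 * @uses bbp_is_reply_pending() To check if the reply is pending
 * @uses bbp_approve_reply() To approve the reply
 * @uses bbp_unapprove_reply() To unapprove the reply
 * @uses bbp_is_reply_spam() To check if the reply is marked as spam
 * @uses bbp_spam_reply() To make the reply as spam
 * @uses bbp_unspam_reply() To unmark the reply as spam
 * @uses wp_trash_post() To trash the reply
 * @uses wp_untrash_post() To untrash the reply
 * @uses wp_delete_post() To delete the reply
 * @uses do_action() Calls 'bbp_toggle_reply_handler' with success, post data
 *                   and action
 * @uses bbp_get_reply_url() To get the reply url
 * @uses bbp_redirect() To redirect to the reply
 * @uses bbp_add_error() To log the error messages
 */
function bbp_toggle_reply_handler($action = '') {

    // Bail if required GET actions aren't passed
    if (empty($_GET['reply_id'])) {
        return;
    }

    // Setup possible get actions
    $possible_actions = array(
        'bbp_toggle_reply_spam',
        'bbp_toggle_reply_trash',
        'bbp_toggle_reply_approve',
    );

    // Bail if actions aren't meant for this function. Strict matching keeps a
    // non-string value (0, true) from loosely matching an action name here and
    // in the switch below.
    if (!in_array($action, $possible_actions, true)) {
        return;
    }

    $failure   = '';                       // Empty failure string
    $view_all  = false;                    // Assume not viewing all
    $reply_id  = (int) $_GET['reply_id'];  // What's the reply id?
    $success   = false;                    // Flag
    $post_data = array('ID' => $reply_id); // Prelim array

    // Make sure reply exists
    $reply = bbp_get_reply($reply_id);
    if (empty($reply)) {
        return;
    }

    // What is the user doing here? Every action needs 'edit_reply'; the trash
    // action additionally needs 'delete_reply'.
    // NOTE(review): approve and spam are authorized here with 'edit_reply',
    // while the admin-side toggle_reply() and bbp_get_reply_approve_link()
    // gate the same operations on 'moderate'. Confirm that a user who can edit
    // a reply is meant to be able to change its moderation state; the nonce
    // check below is CSRF protection, not authorization.
    if (
        !current_user_can('edit_reply', $reply->ID)
        || ('bbp_toggle_reply_trash' === $action && !current_user_can('delete_reply', $reply->ID))
    ) {
        bbp_add_error('bbp_toggle_reply_permission', __('<strong>ERROR:</strong> You do not have the permission to do that!', 'bbpress'));
        return;
    }

    // What action are we trying to perform?
    switch ($action) {

        // Toggle approve
        case 'bbp_toggle_reply_approve':
            check_ajax_referer('approve-reply_' . $reply_id);

            $is_approve = bbp_is_reply_pending($reply_id);
            $success    = $is_approve
                ? bbp_approve_reply($reply_id)
                : bbp_unapprove_reply($reply_id);
            $failure    = $is_approve
                ? __('<strong>ERROR</strong>: There was a problem approving the reply!', 'bbpress')
                : __('<strong>ERROR</strong>: There was a problem unapproving the reply!', 'bbpress');
            $view_all   = !$is_approve;
            break;

        // Toggle spam
        case 'bbp_toggle_reply_spam':
            check_ajax_referer('spam-reply_' . $reply_id);

            $is_spam  = bbp_is_reply_spam($reply_id);
            $success  = $is_spam
                ? bbp_unspam_reply($reply_id)
                : bbp_spam_reply($reply_id);
            $failure  = $is_spam
                ? __('<strong>ERROR</strong>: There was a problem unmarking the reply as spam!', 'bbpress')
                : __('<strong>ERROR</strong>: There was a problem marking the reply as spam!', 'bbpress');
            $view_all = !$is_spam;
            break;

        // Toggle trash
        case 'bbp_toggle_reply_trash':

            // The sub action is optional request input: check that it is
            // present before reading it, and accept only an exact match from
            // the allow-list.
            $allowed_sub_actions = array('trash', 'untrash', 'delete');
            $sub_action          = (isset($_GET['sub_action']) && in_array($_GET['sub_action'], $allowed_sub_actions, true))
                ? $_GET['sub_action']
                : false;

            if (empty($sub_action)) {
                break;
            }

            // Each sub action has its own nonce action, so a nonce issued for
            // "trash" is not accepted for "delete".
            switch ($sub_action) {
                case 'trash':
                    check_ajax_referer('trash-' . bbp_get_reply_post_type() . '_' . $reply_id);

                    $view_all = true;
                    $success  = wp_trash_post($reply_id);
                    $failure  = __('<strong>ERROR</strong>: There was a problem trashing the reply!', 'bbpress');
                    break;

                case 'untrash':
                    check_ajax_referer('untrash-' . bbp_get_reply_post_type() . '_' . $reply_id);

                    $success = wp_untrash_post($reply_id);
                    $failure = __('<strong>ERROR</strong>: There was a problem untrashing the reply!', 'bbpress');
                    break;

                case 'delete':
                    check_ajax_referer('delete-' . bbp_get_reply_post_type() . '_' . $reply_id);

                    $success = wp_delete_post($reply_id);
                    $failure = __('<strong>ERROR</strong>: There was a problem deleting the reply!', 'bbpress');
                    break;
            }
            break;
    }

    // Do additional reply toggle actions
    do_action('bbp_toggle_reply_handler', $success, $post_data, $action);

    // No errors
    if (false !== $success && !is_wp_error($success)) {

        /** Redirect **********************************************************/

        // Redirect to
        $redirect_to = bbp_get_redirect_to();

        // Get the reply URL
        $reply_url = bbp_get_reply_url($reply_id, $redirect_to);

        // Add view all if needed
        if (!empty($view_all)) {
            $reply_url = bbp_add_view_all($reply_url, true);
        }

        // Redirect back to reply
        bbp_redirect($reply_url);

    // Handle errors
    } else {
        bbp_add_error('bbp_toggle_reply', $failure);
    }
}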