/** * Adds the link to the file or list of files at the bottom of the message * * @param string $message the content of the private message * @uses buddydrive_get_buddyfile() to get the file or folder object * @uses buddydrive_get_file_post_type() to get the file post type * @uses buddydrive_get_folder_post_type() to get the folder post type * @return string $message with the link to the file/folder */ function buddydrive_update_message_content($message) { if (!empty($_POST['_buddyitem_link'])) { $password = $password_check = false; if (!empty($_POST['_buddyitem_pass'])) { $buddyitem = buddydrive_get_buddyfile($_REQUEST['_buddyitem_id'], array(buddydrive_get_file_post_type(), buddydrive_get_folder_post_type())); if (!empty($buddyitem->post_parent)) { $parent = buddydrive_get_buddyfile($buddyitem->post_parent, buddydrive_get_folder_post_type()); $password_check = $parent->password; } else { $password_check = $buddyitem->password; } $password = !empty($password_check) ? '<p>' . sprintf(__('Password : %s', 'buddydrive'), $password_check) . '</p>' : false; } $message->message .= "\n" . $_POST['_buddyitem_link'] . "\n" . $password; } }
/** * Post an activity in user's profile * * @uses check_admin_referer() for security reasons * @uses bp_loggedin_user_id() to get the current user id * @uses buddydrive_get_folder_post_type() to get the BuddyFolder post type * @uses buddydrive_get_name() so that it's possible to brand the plugin * @uses buddydrive_get_file_post_type() to get the BuddyFile post type * @uses buddydrive_get_buddyfile() to get item * @uses bp_core_get_userlink() to get link to user's profile * @uses bp_activity_add() to finaly record the activity without updating the latest meta * @return int 1 or string an error message */ function buddydrive_share_in_profile() { // Bail if not a POST action if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) { return; } // Check the nonce check_admin_referer('buddydrive_actions', '_wpnonce_buddydrive_actions'); $buddyitem = intval($_POST['itemid']); if (empty($buddyitem)) { _e('this is embarassing, it did not work :(', 'buddydrive'); die; } $link = $_POST['url']; $result = false; $user_id = bp_loggedin_user_id(); $item_type = 'folder' == $_POST['itemtype'] ? buddydrive_get_folder_post_type() : buddydrive_get_file_post_type(); if (!empty($buddyitem)) { $buddyfile = buddydrive_get_buddyfile($buddyitem, $item_type); if (empty($buddyfile->ID) || $buddyfile->check_for != 'public') { // no item or not a public one ?? _e('We could not find your BuddyDrive item or its privacy is not set to public', 'buddydrive'); die; } $action = sprintf(__('%1$s shared a %2$s Item', 'buddydrive'), bp_core_get_userlink($user_id), buddydrive_get_name()); $content = $link; $args = array('user_id' => $user_id, 'action' => $action, 'content' => $content, 'primary_link' => bp_core_get_userlink($user_id, false, true), 'component' => 'activity', 'type' => 'activity_update'); $result = bp_activity_add($args); } if (!empty($result)) { echo 1; } else { echo _e('this is embarassing, it did not work :(', 'buddydrive'); } die; }
/** * @group save * @group update */ public function test_buddydrive_update_item() { // create the upload dir $upload_dir = buddydrive_get_upload_data(); $meta = new stdClass(); $meta->privacy = 'public'; $expected_ids = array(); $expected_ids['file_id'] = buddydrive_save_item(array('type' => buddydrive_get_file_post_type(), 'user_id' => $this->user_id, 'title' => 'screenshot-1.png', 'content' => 'foo bar file', 'mime_type' => 'image/png', 'guid' => trailingslashit($upload_dir['url']) . 'screenshot-1.png', 'metas' => $meta)); $file_object = buddydrive_get_buddyfile($expected_ids['file_id']); $this->assertTrue('public' === $file_object->check_for); $meta->privacy = 'private'; $expected_ids['folder_id'] = buddydrive_save_item(array('type' => buddydrive_get_folder_post_type(), 'title' => 'foo', 'content' => 'foo bar folder', 'metas' => $meta)); buddydrive_update_item(array('parent_folder_id' => $expected_ids['folder_id']), $file_object); $file_object = buddydrive_get_buddyfile($expected_ids['file_id']); $this->assertTrue((int) $file_object->post_parent === (int) $expected_ids['folder_id']); $this->assertTrue('private' === $file_object->check_for); $folder_object = buddydrive_get_buddyfile($expected_ids['folder_id'], buddydrive_get_folder_post_type()); buddydrive_update_item(array('privacy' => 'public'), $folder_object); $file_object = buddydrive_get_buddyfile($expected_ids['file_id']); $this->assertTrue('public' === $file_object->check_for); }
/** * Makes it possible to edit a single item * * @uses is_super_admin() to check for the current user is an admin * @uses buddydrive_get_buddyfile() to get a single item * @uses buddydrive_get_folder_post_type() to get BuddyFolder post type * @uses buddydrive_get_file_post_type() to get BuddyFile post type * @uses remove_meta_box() in case of a file we don't need to list children * @uses get_current_screen() to get current admin screen * @uses remove_query_arg() to remove some args to the url * @uses add_query_args() to add some args to the url * @uses screen_icon() to display the BuddyDrive icon * @uses esc_attr() to sanitize data * @uses wp_kses() to sanitize data * @uses do_meta_boxes() to display the meta boxes * @uses wp_nonce_field() for security reasons */ function buddydrive_files_admin_edit() { if (!is_super_admin()) { die('-1'); } $messages = array(); $is_error = !empty($_REQUEST['error']) ? $_REQUEST['error'] : false; $updated = !empty($_REQUEST['updated']) ? $_REQUEST['updated'] : false; if ($is_error) { $messages[] = __('An error occurred when trying to update your item details.', 'buddydrive'); } else { if (!empty($updated)) { $messages[] = __('The item has been updated successfully.', 'buddydrive'); } } $item = buddydrive_get_buddyfile($_GET['bid'], array(buddydrive_get_folder_post_type(), buddydrive_get_file_post_type())); $item_name = isset($item->title) ? apply_filters('buddydrive_get_item_title', $item->title) : ''; if ($item->post_type == buddydrive_get_file_post_type()) { remove_meta_box('buddydrive_item_children', get_current_screen()->id, 'normal'); } // Construct URL for form $form_url = remove_query_arg(array('action', 'action2', 'deleted', 'error'), $_SERVER['REQUEST_URI']); $form_url = add_query_arg('action', 'save', $form_url); // Call an action for plugins to modify the BuddyDrive item before we display the edit form do_action_ref_array('buddydrive_files_admin_edit', array(&$item)); ?> <div class="wrap" id="buddydrive-admin-item"> <?php screen_icon('buddydrive'); ?> <h2><?php _e('Edit BuddyDrive Item', 'buddydrive'); ?> </h2> <?php if (!empty($messages)) { ?> <div id="moderated" class="<?php echo $is_error ? 'error' : 'updated'; ?> "><p><?php echo implode("<br/>\n", $messages); ?> </p></div> <?php } ?> <?php if (!empty($item)) { ?> <form action="<?php echo esc_url($form_url); ?> " id="buddydrive-edit-form" method="post"> <div id="poststuff"> <div id="post-body" class="metabox-holder columns-<?php echo 1 == get_current_screen()->get_columns() ? '1' : '2'; ?> "> <div id="post-body-content"> <div id="postdiv" class="postarea"> <div id="buddydrive_item_name" class="postbox"> <h3><?php _e('Name and Description', 'buddydrive'); ?> </h3> <div class="inside"> <label for="buddydrive-item-title"><?php _e('Name', 'buddydrive'); ?> </label> <input type="text" name="buddydrive-edit[item-title]" id="buddydrive-item-title" value="<?php echo esc_attr(stripslashes($item_name)); ?> " /> <?php if ($item->post_type == buddydrive_get_file_post_type()) { ?> <label for="buddydrive-item-content"><?php _e('Description', 'buddydrive'); ?> </label> <textarea name="buddydrive-edit[item-content]" id="buddydrive-item-content" placeholder="<?php _e('140 characters to do so', 'buddydrive'); ?> " maxlength="140"><?php echo wp_kses(stripslashes($item->content), array()); ?> </textarea> <?php } ?> </div> </div> </div> </div><!-- #post-body-content --> <div id="postbox-container-1" class="postbox-container"> <?php do_meta_boxes(get_current_screen()->id, 'side', $item); ?> </div> <div id="postbox-container-2" class="postbox-container"> <?php do_meta_boxes(get_current_screen()->id, 'normal', $item); ?> <?php do_meta_boxes(get_current_screen()->id, 'advanced', $item); ?> </div> </div><!-- #post-body --> </div><!-- #poststuff --> <?php wp_nonce_field('closedpostboxes', 'closedpostboxesnonce', false); ?> <?php wp_nonce_field('meta-box-order', 'meta-box-order-nonce', false); ?> <?php wp_nonce_field('edit-buddydrive-item_' . $item->ID); ?> </form> <?php } else { ?> <p><?php printf(__('No item found with this ID. <a href="%s">Go back and try again</a>.', 'buddydrive'), esc_url(bp_get_admin_url('admin.php?page=buddydrive-files'))); ?> </p> <?php } ?> </div><!-- .wrap --> <?php }
/** * Handles an embed BuddyDrive item * * @param array $matches the result of the preg_match * @param array $attr * @param string $url * @param array $rawattr * @uses is_multisite() to check for multisite config * @uses bp_get_root_blog_id() to get the root blog id * @uses switch_to_blog() to change for root blog id * @uses buddydrive_get_buddyfile() to get the BuddyDrive Item * @uses buddydrive_get_file_post_type() to get the BuddyFile post type * @uses wp_mime_type_icon() to get the WordPress crystal icon * @uses buddydrive_get_folder_post_type() to get the BuddyFolder post type * @uses buddydrive_get_group_buddydrive_url() to build the url to the BuddyDrive group * @uses buddydrive_get_user_buddydrive_url() to get the user's BuddyDrive url * @uses buddydrive_get_images_url() to get the image url of the plugin * @uses the BuddyDrive Loop and some tempkate tags * @uses wp_reset_postdata() to avoid some weird link.. * @uses restore_current_blog() to restore the child blog. * @return string $embed the html output */ function wp_embed_handler_buddydrive($matches, $attr, $url, $rawattr) { $link = $title = $icon = $content = $mime_type = $filelist = $hw_attr = false; $current_blog = get_current_blog_id(); if (is_multisite() && (int) $current_blog !== (int) bp_get_root_blog_id()) { switch_to_blog(bp_get_root_blog_id()); } if ($matches[1] == 'file') { $buddyfile = buddydrive_get_buddyfile($matches[2], buddydrive_get_file_post_type()); if (empty($buddyfile)) { return ''; } $link = $buddyfile->link; $title = $buddyfile->title; $content = $buddyfile->content; $mime_type = $buddyfile->mime_type; $icon = wp_mime_type_icon($buddyfile->ID); if ('public' === $buddyfile->check_for) { $thumbnail = buddydrive_get_thumbnail($buddyfile->ID, 'thumburl', false); if (!empty($thumbnail[0])) { $icon = $thumbnail[0]; $hw_attr = image_hwstring($thumbnail[1], $thumbnail[2]); } } // It's a folfer } else { $buddyfile = buddydrive_get_buddyfile($matches[2], buddydrive_get_folder_post_type()); if (empty($buddyfile)) { return ''; } $buddydrive_root_link = $buddyfile->check_for == 'groups' ? buddydrive_get_group_buddydrive_url($buddyfile->group) : buddydrive_get_user_buddydrive_url($buddyfile->user_id); $link = $buddydrive_root_link . '?folder-' . $buddyfile->ID; $title = $buddyfile->title; $mime_type = $buddyfile->mime_type; $icon = buddydrive_get_images_url() . 'folder.png'; } $embed = '<table style="width:auto"><tr>'; $tdwidth = 'width:60px;'; if (!empty($hw_attr)) { $tdwidth = ''; } $embed .= '<td style="vertical-align:middle;' . $tdwidth . '"><a href="' . esc_url($link) . '" title="' . esc_attr($title) . '"><img src="' . esc_url($icon) . '" alt="' . esc_attr($mime_type) . '" class="buddydrive-thumb" ' . $hw_attr . '></a></td>'; $embed .= '<td style="vertical-align:middle"><h6 style="margin:0"><a href="' . esc_url($link) . '" title="' . esc_attr($title) . '">' . esc_html($title) . '</a></h6>'; if (!empty($content)) { $embed .= '<p style="margin:0">' . esc_html($content) . '</p>'; } if ($matches[1] == 'folder') { global $buddydrive_template; if (buddydrive_has_items(array('buddydrive_parent' => $buddyfile->ID))) { $filelist = '<p style="margin-top:1em;margin-bottom:0">' . esc_html__('Files included in this folder :', 'buddydrive') . '</p><ul>'; while (buddydrive_has_items()) { buddydrive_the_item(); $filelist .= '<li><a href="' . esc_url(buddydrive_get_action_link()) . '" title="' . esc_attr(buddydrive_get_item_title()) . '">' . esc_html(buddydrive_get_item_title()) . '</a></li>'; } $filelist .= '</ul>'; $buddydrive_template = false; } wp_reset_postdata(); $embed .= $filelist; } $embed .= '</td></tr></table>'; if (is_multisite() && (int) $current_blog !== (int) bp_get_root_blog_id()) { restore_current_blog(); } return apply_filters('embed_buddydrive', $embed, $matches, $attr, $url, $rawattr); }
/** * @group get * @group scope */ public function test_buddydrive_item_get_by_scope() { $u2 = $this->factory->user->create(); // Admin $this->set_current_user(1); $by_scope = new BuddyDrive_Item(); // Get by scope $by_scope->get(array('type' => buddydrive_get_file_post_type(), 'buddydrive_scope' => 'admin')); // Admin should see everything $this->assertTrue((int) $by_scope->query->found_posts === 2); // Update the privacy of the file $file_object = buddydrive_get_buddyfile($this->expected_ids['foo']); buddydrive_update_item(array('privacy' => 'public'), $file_object); // Any user $this->set_current_user($u2); add_filter('bp_displayed_user_id', array($this, 'set_displayed_user_id'), 10, 1); $by_scope = new BuddyDrive_Item(); // Get by scope $by_scope->get(array('type' => buddydrive_get_file_post_type(), 'buddydrive_scope' => 'files')); $file = wp_list_pluck($by_scope->query->posts, 'ID'); $this->assertTrue($this->expected_ids['foo'] === (int) $file[0], 'only public files should be listed'); // The owner $this->set_current_user($this->user_id); $by_scope = new BuddyDrive_Item(); // Get by scope $by_scope->get(array('type' => buddydrive_get_file_post_type(), 'buddydrive_scope' => 'files')); // Owner should see everything $this->assertTrue((int) $by_scope->query->found_posts === 2); remove_filter('bp_displayed_user_id', array($this, 'set_displayed_user_id'), 10, 1); // Any user $this->set_current_user($u2); // Update the privacy and owner of the file $file_object = buddydrive_get_buddyfile($this->expected_ids['bar']); buddydrive_update_item(array('privacy' => 'public', 'user_id' => $u2), $file_object); $by_scope = new BuddyDrive_Item(); // Get by scope $by_scope->get(array('type' => buddydrive_get_file_post_type(), 'buddydrive_scope' => 'public')); // Custom loops should be able to list all public files $this->assertTrue((int) $by_scope->query->found_posts === 2); buddydrive_update_item(array('privacy' => 'private'), $file_object); $by_scope = new BuddyDrive_Item(); // Get by scope $by_scope->get(array('type' => buddydrive_get_file_post_type(), 'buddydrive_scope' => 'public')); // Custom loops should be able to list all public files $this->assertTrue((int) $by_scope->query->found_posts === 1); }
/** * Deletes a list of items or all the items of a given user * * @param array $ids array of BuddyDrive Item ids * @param int $user_id the id of a user * @global object $wpdb * @uses get_user_meta() to get the quota of the user id * @uses buddydrive_get_buddyfile() to get the BuddyDrive item * @uses wp_delete_post() to delete the BuddyDrive post type * @uses update_user_meta() to eventually update user's quota * @return int number of deleted items */ public function delete($ids = false, $user_id = false) { global $wpdb; $buddydrive_ids = array(); $spaces = array(); $new_space = false; $ids = array_filter(wp_parse_id_list($ids)); if (!empty($ids)) { //we need to get the children $in = '("' . implode('","', $ids) . '")'; $buddydrive_ids = $wpdb->get_col("SELECT ID FROM {$wpdb->base_prefix}posts WHERE post_parent IN {$in}"); $buddydrive_ids = array_merge($buddydrive_ids, $ids); } elseif (!empty($user_id) && empty($ids)) { // in case a user is deleted $buddydrive_ids = $wpdb->get_col($wpdb->prepare("SELECT ID FROM {$wpdb->base_prefix}posts WHERE post_author = %d AND post_type IN (%s, %s)", $user_id, buddydrive_get_folder_post_type(), buddydrive_get_file_post_type())); $new_user = (int) apply_filters('buddydrive_set_owner_on_user_deleted', 0); // The new user must have the power to post in any group if (!empty($new_user) && user_can($new_user, 'bp_moderate') && !empty($buddydrive_ids)) { $wpdb->query($wpdb->prepare("UPDATE {$wpdb->base_prefix}posts SET post_author = %d WHERE post_author = %d AND post_type IN (%s, %s)", $new_user, $user_id, buddydrive_get_folder_post_type(), buddydrive_get_file_post_type())); foreach ($buddydrive_ids as $post_id) { clean_post_cache($post_id); } } } if (empty($buddydrive_ids)) { return false; } if (empty($new_user)) { foreach ($buddydrive_ids as $id) { $buddyfile = buddydrive_get_buddyfile($id); if (!empty($buddyfile)) { if (!empty($buddyfile->path) && file_exists($buddyfile->path)) { if (!isset($spaces[$buddyfile->user_id])) { $spaces[$buddyfile->user_id] = filesize($buddyfile->path); } else { $spaces[$buddyfile->user_id] += filesize($buddyfile->path); } unlink($buddyfile->path); } // Delete the thumbnail if ('public' === $buddyfile->check_for) { buddydrive_delete_thumbnail($buddyfile->ID); } } wp_delete_post($id, true); } } if (!empty($spaces)) { foreach ($spaces as $u_id => $space) { $user_total_space = get_user_meta($u_id, '_buddydrive_total_space', true); $user_total_space = intval($user_total_space); if ($space < $user_total_space) { buddydrive_update_user_space($u_id, -1 * absint($space)); } else { delete_user_meta($u_id, '_buddydrive_total_space'); } } } return count($buddydrive_ids); }