/**
 * Handle the "delete avatar" action on a member's Change Avatar screen.
 *
 * Runs for URLs of the form:
 * example.com/members/andy/profile/change-avatar/delete-avatar
 *
 * The nonce is verified first. The displayed user's avatar is then deleted
 * only when the visitor is on their own profile or holds the 'bp_moderate'
 * capability.
 *
 * @package BuddyPress Xprofile
 * @uses bp_core_delete_existing_avatar() Deletes the avatar of the displayed user.
 * @uses bp_core_redirect() Sends the visitor back to the referring page.
 *
 * @return false|void False when this is not a delete-avatar request or the
 *                    visitor may not delete the avatar.
 */
function xprofile_action_delete_avatar() {
    // Ignore every request that is not change-avatar/delete-avatar.
    $is_delete_request = bp_is_user_change_avatar() && bp_is_action_variable('delete-avatar', 0);
    if (!$is_delete_request) {
        return false;
    }

    // CSRF protection: the link must carry a valid 'bp_delete_avatar_link' nonce.
    check_admin_referer('bp_delete_avatar_link');

    // Authorization: profile owner or moderator only.
    $may_delete = bp_is_my_profile() || bp_current_user_can('bp_moderate');
    if (!$may_delete) {
        return false;
    }

    $deleted = bp_core_delete_existing_avatar(array('item_id' => bp_displayed_user_id()));

    if (!$deleted) {
        bp_core_add_message(__('There was a problem deleting that avatar, please try again.', 'buddypress'), 'error');
    } else {
        bp_core_add_message(__('Your avatar was deleted successfully!', 'buddypress'));
    }

    bp_core_redirect(wp_get_referer());
}
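/**
 * Crop an uploaded avatar.
 *
 * The source image is cropped twice (full size and thumbnail) into the item's
 * avatar folder, after which the source image is deleted.
 *
 * Because 'original_file' may originate from request data, the resolved path
 * must stay inside the avatar upload directory and must be a readable image;
 * otherwise nothing is cropped or deleted and false is returned.
 *
 * @param array $args {
 *     Array of function parameters.
 *     @type string      $object        Object type of the item whose avatar you're
 *                                      handling. 'user', 'group', 'blog', or custom.
 *                                      Default: 'user'.
 *     @type string      $avatar_dir    Subdirectory where avatar should be stored.
 *                                      Default: 'avatars'.
 *     @type bool|int    $item_id       ID of the item that the avatar belongs to.
 *     @type bool|string $original_file Path to the original avatar file, relative to
 *                                      bp_core_avatar_upload_path() (it is appended
 *                                      to that path).
 *     @type int         $crop_w        Crop width. Default: the global 'full' avatar
 *                                      width, as retrieved by bp_core_avatar_full_width().
 *     @type int         $crop_h        Crop height. Default: the global 'full' avatar
 *                                      height, as retrieved by bp_core_avatar_full_height().
 *     @type int         $crop_x        The horizontal starting point of the crop. Default: 0.
 *     @type int         $crop_y        The vertical starting point of the crop. Default: 0.
 * }
 * @return bool True on success (or when the 'bp_core_pre_avatar_handle_crop'
 *              filter short-circuits the function), false on failure.
 */
function bp_core_avatar_handle_crop($args = '') {
    $r = wp_parse_args($args, array(
        'object'        => 'user',
        'avatar_dir'    => 'avatars',
        'item_id'       => false,
        'original_file' => false,
        'crop_w'        => bp_core_avatar_full_width(),
        'crop_h'        => bp_core_avatar_full_height(),
        'crop_x'        => 0,
        'crop_y'        => 0,
    ));

    /***
     * You may want to hook into this filter if you want to override this function.
     * Make sure you return false.
     */
    if (!apply_filters('bp_core_pre_avatar_handle_crop', true, $r)) {
        return true;
    }

    // Read the arguments explicitly instead of extract(), so caller-supplied
    // keys cannot introduce unexpected local variables.
    $object        = $r['object'];
    $avatar_dir    = $r['avatar_dir'];
    $item_id       = $r['item_id'];
    $original_file = $r['original_file'];
    $crop_w        = $r['crop_w'];
    $crop_h        = $r['crop_h'];
    $crop_x        = $r['crop_x'];
    $crop_y        = $r['crop_y'];

    if (empty($original_file)) {
        return false;
    }

    $upload_path   = bp_core_avatar_upload_path();
    $original_file = $upload_path . $original_file;

    if (!file_exists($original_file)) {
        return false;
    }

    // Path containment: the file is deleted at the end of this function, so a
    // value containing '../' must never resolve to a location outside the
    // avatar upload directory.
    $upload_root   = realpath($upload_path);
    $resolved_file = realpath($original_file);
    if (false === $upload_root || false === $resolved_file || !is_file($resolved_file)) {
        return false;
    }
    $root_prefix = rtrim($upload_root, '/\\') . DIRECTORY_SEPARATOR;
    if (0 !== strpos($resolved_file, $root_prefix)) {
        return false;
    }

    // Reject anything that is not an image before the existing avatar is
    // removed, so a bad source file cannot leave the item without an avatar.
    $image_info = @getimagesize($original_file);
    if (empty($image_info['mime'])) {
        return false;
    }

    if (empty($item_id)) {
        $avatar_folder_dir = apply_filters('bp_core_avatar_folder_dir', dirname($original_file), $item_id, $object, $avatar_dir);
    } else {
        $avatar_folder_dir = apply_filters('bp_core_avatar_folder_dir', $upload_path . '/' . $avatar_dir . '/' . $item_id, $item_id, $object, $avatar_dir);
    }

    if (!file_exists($avatar_folder_dir)) {
        return false;
    }

    require_once ABSPATH . '/wp-admin/includes/image.php';
    require_once ABSPATH . '/wp-admin/includes/file.php';

    // Delete the existing avatar files for the object
    $existing_avatar = bp_core_fetch_avatar(array('object' => $object, 'item_id' => $item_id, 'html' => false));

    if (!empty($existing_avatar)) {
        // Check that the new avatar doesn't have the same name as the
        // old one before deleting
        $upload_dir           = wp_upload_dir();
        $existing_avatar_path = str_replace($upload_dir['baseurl'], '', $existing_avatar);
        $new_avatar_path      = str_replace($upload_dir['basedir'], '', $original_file);

        if ($existing_avatar_path !== $new_avatar_path) {
            bp_core_delete_existing_avatar(array('object' => $object, 'item_id' => $item_id, 'avatar_path' => $avatar_folder_dir));
        }
    }

    // Make sure we at least have a width and height for cropping
    if (empty($crop_w)) {
        $crop_w = bp_core_avatar_full_width();
    }
    if (empty($crop_h)) {
        $crop_h = bp_core_avatar_full_height();
    }

    // PNG sources keep their extension; every other type is saved as .jpg.
    $ext = 'image/png' === $image_info['mime'] ? 'png' : 'jpg';

    // Set the full and thumb filenames
    $full_filename  = wp_hash($original_file . time()) . '-bpfull.' . $ext;
    $thumb_filename = wp_hash($original_file . time()) . '-bpthumb.' . $ext;

    // Crop the image; the (int) casts neutralise non-numeric crop values.
    $full_cropped  = wp_crop_image($original_file, (int) $crop_x, (int) $crop_y, (int) $crop_w, (int) $crop_h, bp_core_avatar_full_width(), bp_core_avatar_full_height(), false, $avatar_folder_dir . '/' . $full_filename);
    $thumb_cropped = wp_crop_image($original_file, (int) $crop_x, (int) $crop_y, (int) $crop_w, (int) $crop_h, bp_core_avatar_thumb_width(), bp_core_avatar_thumb_height(), false, $avatar_folder_dir . '/' . $thumb_filename);

    // Check for errors
    if (empty($full_cropped) || empty($thumb_cropped) || is_wp_error($full_cropped) || is_wp_error($thumb_cropped)) {
        return false;
    }

    // Remove the original
    @unlink($original_file);

    return true;
}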
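/**
 * Crop an uploaded avatar into a full-size and a thumbnail JPEG.
 *
 * $args accepts:
 *   object        - Component the avatar is for. Default 'user'.
 *   avatar_dir    - Subdirectory of BP_AVATAR_UPLOAD_PATH. Default 'avatars'.
 *   item_id       - Item ID. Default false.
 *   original_file - Source image, relative to BP_AVATAR_UPLOAD_PATH (it is
 *                   appended to that constant).
 *   crop_w/crop_h - Crop size. Default BP_AVATAR_FULL_WIDTH / BP_AVATAR_FULL_HEIGHT.
 *   crop_x/crop_y - Crop origin. Default 0.
 *
 * 'original_file' may originate from request data, so its resolved path must
 * stay inside BP_AVATAR_UPLOAD_PATH; the source file is only deleted after
 * both crops have succeeded.
 *
 * @param mixed $args Array or query string of arguments.
 * @return bool True on success (or when the 'bp_core_pre_avatar_handle_crop'
 *              filter short-circuits the function), false on failure.
 */
function bp_core_avatar_handle_crop( $args = '' ) {
    $defaults = array(
        'object'        => 'user',
        'avatar_dir'    => 'avatars',
        'item_id'       => false,
        'original_file' => false,
        'crop_w'        => BP_AVATAR_FULL_WIDTH,
        'crop_h'        => BP_AVATAR_FULL_HEIGHT,
        'crop_x'        => 0,
        'crop_y'        => 0
    );

    $r = wp_parse_args( $args, $defaults );

    /***
     * You may want to hook into this filter if you want to override this function.
     * Make sure you return false.
     */
    if ( !apply_filters( 'bp_core_pre_avatar_handle_crop', true, $r ) )
        return true;

    // Read the arguments explicitly instead of extract(), so caller-supplied
    // keys cannot introduce unexpected local variables.
    $object        = $r['object'];
    $avatar_dir    = $r['avatar_dir'];
    $item_id       = $r['item_id'];
    $original_file = $r['original_file'];
    $crop_w        = $r['crop_w'];
    $crop_h        = $r['crop_h'];
    $crop_x        = $r['crop_x'];
    $crop_y        = $r['crop_y'];

    if ( !$original_file )
        return false;

    $original_file = BP_AVATAR_UPLOAD_PATH . $original_file;

    if ( !file_exists( $original_file ) )
        return false;

    // Path containment: the file is unlinked below, so a value containing
    // '../' must never resolve outside the avatar upload directory.
    $upload_root   = realpath( BP_AVATAR_UPLOAD_PATH );
    $resolved_file = realpath( $original_file );
    if ( false === $upload_root || false === $resolved_file || !is_file( $resolved_file ) )
        return false;

    $root_prefix = rtrim( $upload_root, '/\\' ) . DIRECTORY_SEPARATOR;
    if ( 0 !== strpos( $resolved_file, $root_prefix ) )
        return false;

    if ( !$item_id )
        $avatar_folder_dir = apply_filters( 'bp_core_avatar_folder_dir', dirname( $original_file ), $item_id, $object, $avatar_dir );
    else
        $avatar_folder_dir = apply_filters( 'bp_core_avatar_folder_dir', BP_AVATAR_UPLOAD_PATH . '/' . $avatar_dir . '/' . $item_id, $item_id, $object, $avatar_dir );

    if ( !file_exists( $avatar_folder_dir ) )
        return false;

    require_once( ABSPATH . '/wp-admin/includes/image.php' );
    require_once( ABSPATH . '/wp-admin/includes/file.php' );

    /* Delete the existing avatar files for the object */
    bp_core_delete_existing_avatar( array( 'object' => $object, 'avatar_path' => $avatar_folder_dir ) );

    /* Make sure we at least have a width and height for cropping */
    if ( !(int)$crop_w )
        $crop_w = BP_AVATAR_FULL_WIDTH;

    if ( !(int)$crop_h )
        $crop_h = BP_AVATAR_FULL_HEIGHT;

    /* Set the full and thumb filenames */
    $full_filename  = wp_hash( $original_file . time() ) . '-bpfull.jpg';
    $thumb_filename = wp_hash( $original_file . time() ) . '-bpthumb.jpg';

    /* Crop the image; the (int) casts neutralise non-numeric crop values */
    $full_cropped  = wp_crop_image( $original_file, (int)$crop_x, (int)$crop_y, (int)$crop_w, (int)$crop_h, BP_AVATAR_FULL_WIDTH, BP_AVATAR_FULL_HEIGHT, false, $avatar_folder_dir . '/' . $full_filename );
    $thumb_cropped = wp_crop_image( $original_file, (int)$crop_x, (int)$crop_y, (int)$crop_w, (int)$crop_h, BP_AVATAR_THUMB_WIDTH, BP_AVATAR_THUMB_HEIGHT, false, $avatar_folder_dir . '/' . $thumb_filename );

    /* Report failure instead of deleting the source and claiming success */
    if ( empty( $full_cropped ) || empty( $thumb_cropped ) || is_wp_error( $full_cropped ) || is_wp_error( $thumb_cropped ) )
        return false;

    /* Remove the original */
    @unlink( $original_file );

    return true;
}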
/**
 * Remove the avatar that belongs to a user account which is being deleted.
 *
 * Thin wrapper that forwards the user ID to bp_core_delete_existing_avatar()
 * with the object type fixed to 'user'.
 *
 * @since 1.9.0
 *
 * @param int $user_id ID of the user who is about to be deleted.
 * @return bool True on success, false on failure.
 */
function bp_core_delete_avatar_on_user_delete($user_id) {
    $avatar_args = array(
        'item_id' => $user_id,
        'object'  => 'user',
    );

    return bp_core_delete_existing_avatar($avatar_args);
}
/**
 * Handle the display of a group's Change Avatar page.
 *
 * Processes three request types on the 'group-avatar' admin tab, each behind
 * its own nonce: deleting the group photo, uploading a new image, and
 * cropping the uploaded image. The group template is loaded afterwards.
 *
 * @return false|void False when the tab does not match, the visitor is not an
 *                    item admin, or group avatars are disabled.
 */
function groups_screen_group_admin_avatar() {
    // Only the "group-avatar" admin tab is handled here.
    if (bp_get_group_current_admin_tab() != 'group-avatar') {
        return false;
    }

    // Stop unless the visitor administers this item and avatars are enabled.
    $uploads_allowed = bp_is_item_admin() && !bp_disable_group_avatar_uploads() && buddypress()->avatar->show_avatars;
    if (!$uploads_allowed) {
        return false;
    }

    $bp = buddypress();

    // Deletion request: .../group-avatar/delete
    if (bp_is_action_variable('delete', 1)) {
        check_admin_referer('bp_group_avatar_delete');

        $deleted = bp_core_delete_existing_avatar(array('item_id' => $bp->groups->current_group->id, 'object' => 'group'));

        if (!$deleted) {
            bp_core_add_message(__('There was a problem deleting the group profile photo. Please try again.', 'buddypress'), 'error');
        } else {
            bp_core_add_message(__('The group profile photo was deleted successfully!', 'buddypress'));
        }
    }

    if (!isset($bp->avatar_admin)) {
        $bp->avatar_admin = new stdClass();
    }

    $bp->avatar_admin->step = 'upload-image';

    // Upload request.
    if (!empty($_FILES)) {
        check_admin_referer('bp_avatar_upload');

        $uploaded = bp_core_avatar_handle_upload($_FILES, 'groups_avatar_upload_dir');

        if ($uploaded) {
            $bp->avatar_admin->step = 'crop-image';

            // The crop step needs the jQuery jCrop script.
            add_action('wp_print_scripts', 'bp_core_add_jquery_cropper');
        }
    }

    // Crop request: store a full and a thumb version of the uploaded image.
    if (isset($_POST['avatar-crop-submit'])) {
        check_admin_referer('bp_avatar_cropstore');

        // NOTE(review): image_src and the crop coordinates are forwarded
        // exactly as posted; bp_core_avatar_handle_crop() presumably confines
        // original_file to the avatar upload directory - confirm.
        $args = array(
            'object'        => 'group',
            'avatar_dir'    => 'group-avatars',
            'item_id'       => $bp->groups->current_group->id,
            'original_file' => $_POST['image_src'],
            'crop_x'        => $_POST['x'],
            'crop_y'        => $_POST['y'],
            'crop_w'        => $_POST['w'],
            'crop_h'        => $_POST['h'],
        );

        $cropped = bp_core_avatar_handle_crop($args);

        if ($cropped) {
            bp_core_add_message(__('The new group profile photo was uploaded successfully.', 'buddypress'));
        } else {
            bp_core_add_message(__('There was a problem cropping the group profile photo.', 'buddypress'), 'error');
        }
    }

    /**
     * Fires before the loading of the group Change Avatar page template.
     *
     * @since 1.0.0
     *
     * @param int $id ID of the group that is being displayed.
     */
    do_action('groups_screen_group_admin_avatar', $bp->groups->current_group->id);

    /**
     * Filters the template to load for a group's Change Avatar page.
     *
     * @since 1.0.0
     *
     * @param string $value Path to a group's Change Avatar template.
     */
    $template = apply_filters('groups_template_group_admin_avatar', 'groups/single/home');
    bp_core_load_template($template);
}
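/**
 * Save the profile fields in Members community profile page.
 *
 * Loaded before the page is rendered, this function is processing form
 * requests. Both actions are nonce-protected: avatar deletion with the
 * 'delete_avatar' nonce, field updates with 'edit-bp-profile_{$user_id}'.
 *
 * NOTE(review): no capability check is visible in this method; presumably the
 * caller verifies that the current user may edit $user_id - confirm.
 *
 * @since 2.0.0
 *
 * @param string $doaction    Action being run.
 * @param int    $user_id     ID for the user whose profile is being saved.
 * @param array  $request     Request being made.
 * @param string $redirect_to Where to redirect user to.
 */
public function user_admin_load($doaction = '', $user_id = 0, $request = array(), $redirect_to = '') {
    // Eventually delete avatar.
    if ('delete_avatar' === $doaction) {
        check_admin_referer('delete_avatar');

        // Do not carry the used nonce over to the redirect URL.
        $redirect_to = remove_query_arg('_wpnonce', $redirect_to);

        if (bp_core_delete_existing_avatar(array('item_id' => $user_id))) {
            $redirect_to = add_query_arg('updated', 'avatar', $redirect_to);
        } else {
            $redirect_to = add_query_arg('error', 'avatar', $redirect_to);
        }

        bp_core_redirect($redirect_to);

    // Update profile fields.
    } elseif (isset($_POST['field_ids'])) {
        // Check the nonce.
        check_admin_referer('edit-bp-profile_' . $user_id);

        // Check we have field ID's.
        if (empty($_POST['field_ids'])) {
            $redirect_to = add_query_arg('error', '1', $redirect_to);
            bp_core_redirect($redirect_to);
        }

        /**
         * Unlike front-end edit-fields screens, the wp-admin/profile
         * displays all groups of fields on a single page, so the list of
         * field ids is an array gathering for each group of fields a
         * distinct comma separated list of ids.
         *
         * As a result, before using the wp_parse_id_list() function, we
         * must ensure that these ids are "merged" into a single comma
         * separated list.
         *
         * The (array) cast keeps a scalar 'field_ids' value from reaching
         * join(), which only accepts arrays.
         */
        $merge_ids = join(',', (array) $_POST['field_ids']);

        // Explode the posted field IDs into an array so we know which fields have been submitted.
        $posted_field_ids = wp_parse_id_list($merge_ids);
        $is_required      = array();

        // Loop through the posted fields formatting any datebox values then validate the field.
        foreach ((array) $posted_field_ids as $field_id) {
            if (!isset($_POST['field_' . $field_id])) {
                if (!empty($_POST['field_' . $field_id . '_day']) && !empty($_POST['field_' . $field_id . '_month']) && !empty($_POST['field_' . $field_id . '_year'])) {
                    // Concatenate the values.
                    $date_value = $_POST['field_' . $field_id . '_day'] . ' ' . $_POST['field_' . $field_id . '_month'] . ' ' . $_POST['field_' . $field_id . '_year'];

                    // Turn the concatenated value into a timestamp.
                    $_POST['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($date_value));
                }
            }

            // Users with the 'bp_moderate' capability may leave required fields empty.
            $is_required[$field_id] = xprofile_check_is_required_field($field_id) && !bp_current_user_can('bp_moderate');

            if ($is_required[$field_id] && empty($_POST['field_' . $field_id])) {
                $redirect_to = add_query_arg('error', '2', $redirect_to);
                bp_core_redirect($redirect_to);
            }
        }

        // Set the errors var.
        $errors = false;

        // Now we've checked for required fields, let's save the values.
        foreach ((array) $posted_field_ids as $field_id) {
            // Certain types of fields (checkboxes, multiselects) may come
            // through empty. Save them as an empty array so that they don't
            // get overwritten by the default on the next edit.
            // NOTE(review): the posted value is handed over as-is; presumably
            // xprofile_set_field_data() validates and sanitises it - confirm.
            $value = isset($_POST['field_' . $field_id]) ? $_POST['field_' . $field_id] : '';

            if (!xprofile_set_field_data($field_id, $user_id, $value, $is_required[$field_id])) {
                $errors = true;
            } else {
                /**
                 * Fires after the saving of each profile field, if successful.
                 *
                 * @since 1.1.0
                 *
                 * @param int    $field_id ID of the field being updated.
                 * @param string $value    Value that was saved to the field.
                 */
                do_action('xprofile_profile_field_data_updated', $field_id, $value);
            }

            // Save the visibility level.
            $visibility_level = !empty($_POST['field_' . $field_id . '_visibility']) ? $_POST['field_' . $field_id . '_visibility'] : 'public';
            xprofile_set_field_visibility_level($field_id, $user_id, $visibility_level);
        }

        /**
         * Fires after all of the profile fields have been saved.
         *
         * @since 1.0.0
         *
         * @param int   $user_id          ID of the user whose data is being saved.
         * @param array $posted_field_ids IDs of the fields that were submitted.
         * @param bool  $errors           Whether or not errors occurred during saving.
         */
        do_action('xprofile_updated_profile', $user_id, $posted_field_ids, $errors);

        // Set the feedback messages.
        if (!empty($errors)) {
            $redirect_to = add_query_arg('error', '3', $redirect_to);
        } else {
            $redirect_to = add_query_arg('updated', '1', $redirect_to);
        }

        bp_core_redirect($redirect_to);
    }
}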
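/**
 * Crop an uploaded avatar
 *
 * $args has the following parameters:
 *   object        - What component the avatar is for, e.g. "user"
 *   avatar_dir    - Subdirectory of the avatar upload path for this object
 *   item_id       - Item ID
 *   original_file - Path to the original avatar file, relative to
 *                   bp_core_avatar_upload_path() (it is appended to that path)
 *   crop_w        - Crop width
 *   crop_h        - Crop height
 *   crop_x        - The horizontal starting point of the crop
 *   crop_y        - The vertical starting point of the crop
 *
 * 'original_file' may originate from request data, so its resolved path must
 * stay inside the avatar upload directory; otherwise false is returned and
 * nothing is cropped or deleted.
 *
 * @param mixed $args
 * @return bool Success/failure
 */
function bp_core_avatar_handle_crop($args = '') {
    $defaults = array(
        'object'        => 'user',
        'avatar_dir'    => 'avatars',
        'item_id'       => false,
        'original_file' => false,
        'crop_w'        => bp_core_avatar_full_width(),
        'crop_h'        => bp_core_avatar_full_height(),
        'crop_x'        => 0,
        'crop_y'        => 0,
    );

    $r = nxt_parse_args($args, $defaults);

    /***
     * You may want to hook into this filter if you want to override this function.
     * Make sure you return false.
     */
    if (!apply_filters('bp_core_pre_avatar_handle_crop', true, $r)) {
        return true;
    }

    // Read the arguments explicitly instead of extract(), so caller-supplied
    // keys cannot introduce unexpected local variables.
    $object        = $r['object'];
    $avatar_dir    = $r['avatar_dir'];
    $item_id       = $r['item_id'];
    $original_file = $r['original_file'];
    $crop_w        = $r['crop_w'];
    $crop_h        = $r['crop_h'];
    $crop_x        = $r['crop_x'];
    $crop_y        = $r['crop_y'];

    if (!$original_file) {
        return false;
    }

    $upload_path   = bp_core_avatar_upload_path();
    $original_file = $upload_path . $original_file;

    if (!file_exists($original_file)) {
        return false;
    }

    // Path containment: the file is unlinked below, so a value containing
    // '../' must never resolve outside the avatar upload directory.
    $upload_root   = realpath($upload_path);
    $resolved_file = realpath($original_file);
    if (false === $upload_root || false === $resolved_file || !is_file($resolved_file)) {
        return false;
    }
    $root_prefix = rtrim($upload_root, '/\\') . DIRECTORY_SEPARATOR;
    if (0 !== strpos($resolved_file, $root_prefix)) {
        return false;
    }

    if (!$item_id) {
        $avatar_folder_dir = apply_filters('bp_core_avatar_folder_dir', dirname($original_file), $item_id, $object, $avatar_dir);
    } else {
        $avatar_folder_dir = apply_filters('bp_core_avatar_folder_dir', $upload_path . '/' . $avatar_dir . '/' . $item_id, $item_id, $object, $avatar_dir);
    }

    if (!file_exists($avatar_folder_dir)) {
        return false;
    }

    require_once ABSPATH . '/nxt-admin/includes/image.php';
    require_once ABSPATH . '/nxt-admin/includes/file.php';

    // Delete the existing avatar files for the object
    bp_core_delete_existing_avatar(array('object' => $object, 'avatar_path' => $avatar_folder_dir));

    // Make sure we at least have a width and height for cropping
    if (!(int) $crop_w) {
        $crop_w = bp_core_avatar_full_width();
    }
    if (!(int) $crop_h) {
        $crop_h = bp_core_avatar_full_height();
    }

    // Set the full and thumb filenames
    $full_filename  = nxt_hash($original_file . time()) . '-bpfull.jpg';
    $thumb_filename = nxt_hash($original_file . time()) . '-bpthumb.jpg';

    // Crop the image; the (int) casts neutralise non-numeric crop values.
    // NOTE(review): the crop results are never inspected, so a failed crop
    // still deletes the source and returns true - confirm what
    // nxt_crop_image() returns on failure and check for it here.
    $full_cropped  = nxt_crop_image($original_file, (int) $crop_x, (int) $crop_y, (int) $crop_w, (int) $crop_h, bp_core_avatar_full_width(), bp_core_avatar_full_height(), false, $avatar_folder_dir . '/' . $full_filename);
    $thumb_cropped = nxt_crop_image($original_file, (int) $crop_x, (int) $crop_y, (int) $crop_w, (int) $crop_h, bp_core_avatar_thumb_width(), bp_core_avatar_thumb_height(), false, $avatar_folder_dir . '/' . $thumb_filename);

    // Remove the original
    @unlink($original_file);

    return true;
}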
/**
 * xprofile_action_delete_avatar()
 *
 * Handles the delete-avatar action of the profile component:
 * example.com/members/andy/profile/change-avatar/delete-avatar
 *
 * After the nonce has been verified, the avatar of the displayed user is
 * deleted when the visitor is on their own profile or is a super admin.
 *
 * @package BuddyPress Xprofile
 * @global $bp The global BuddyPress settings variable created in bp_core_setup_globals()
 * @uses bp_core_delete_existing_avatar() Deletes the avatar of the displayed user.
 * @uses bp_core_redirect() Sends the visitor back to the referring page.
 *
 * @return false|void False when this is not a delete-avatar request or the
 *                    visitor may not delete the avatar.
 */
function xprofile_action_delete_avatar() {
    global $bp;

    // Match profile/change-avatar/delete-avatar and nothing else.
    $is_delete_request = $bp->profile->slug == $bp->current_component
        && 'change-avatar' == $bp->current_action
        && 'delete-avatar' == $bp->action_variables[0];

    if ( !$is_delete_request ) {
        return false;
    }

    /* CSRF protection: the link must carry a valid nonce */
    check_admin_referer( 'bp_delete_avatar_link' );

    /* Authorization: profile owner or super admin only */
    $may_delete = bp_is_my_profile() || is_super_admin();
    if ( !$may_delete ) {
        return false;
    }

    $deleted = bp_core_delete_existing_avatar( array( 'item_id' => $bp->displayed_user->id ) );

    if ( !$deleted ) {
        bp_core_add_message( __( 'There was a problem deleting that avatar, please try again.', 'buddypress' ), 'error' );
    } else {
        bp_core_add_message( __( 'Your avatar was deleted successfully!', 'buddypress' ) );
    }

    bp_core_redirect( wp_get_referer() );
}
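/**
 * Handle a group's Change Avatar admin screen.
 *
 * On the groups component with 'group-avatar' as first action variable this
 * processes, each behind its own nonce, the deletion of the group avatar, the
 * upload of a new image and the crop of the uploaded image, then loads the
 * group template. Nothing happens for other requests.
 *
 * @global object $bp The global BuddyPress settings variable.
 * @return false|void False when the visitor is not an item admin.
 */
function groups_screen_group_admin_avatar() {
    global $bp;

    // isset() avoids an undefined-index notice when no action variable is set.
    $is_avatar_screen = $bp->current_component == $bp->groups->slug
        && isset( $bp->action_variables[0] )
        && 'group-avatar' == $bp->action_variables[0];

    if ( !$is_avatar_screen )
        return;

    if ( !$bp->is_item_admin )
        return false;

    /* If the group admin has deleted the admin avatar */
    if ( isset( $bp->action_variables[1] ) && 'delete' == $bp->action_variables[1] ) {

        /* Check the nonce */
        check_admin_referer( 'bp_group_avatar_delete' );

        if ( bp_core_delete_existing_avatar( array( 'item_id' => $bp->groups->current_group->id, 'object' => 'group' ) ) )
            bp_core_add_message( __( 'Your avatar was deleted successfully!', 'buddypress' ) );
        else
            bp_core_add_message( __( 'There was a problem deleting that avatar, please try again.', 'buddypress' ), 'error' );
    }

    /* Make sure the container exists before a property is assigned to it */
    if ( !isset( $bp->avatar_admin ) )
        $bp->avatar_admin = new stdClass();

    $bp->avatar_admin->step = 'upload-image';

    if ( !empty( $_FILES ) ) {

        /* Check the nonce */
        check_admin_referer( 'bp_avatar_upload' );

        /* Pass the file to the avatar upload handler */
        if ( bp_core_avatar_handle_upload( $_FILES, 'groups_avatar_upload_dir' ) ) {
            $bp->avatar_admin->step = 'crop-image';

            /* Make sure we include the jQuery jCrop file for image cropping */
            add_action( 'wp', 'bp_core_add_jquery_cropper' );
        }
    }

    /* If the image cropping is done, crop the image and save a full/thumb version */
    if ( isset( $_POST['avatar-crop-submit'] ) ) {

        /* Check the nonce */
        check_admin_referer( 'bp_avatar_cropstore' );

        /*
         * NOTE(review): image_src and the crop coordinates are forwarded
         * exactly as posted; bp_core_avatar_handle_crop() must confine
         * original_file to the avatar upload directory - confirm.
         */
        $crop_args = array(
            'object'        => 'group',
            'avatar_dir'    => 'group-avatars',
            'item_id'       => $bp->groups->current_group->id,
            'original_file' => $_POST['image_src'],
            'crop_x'        => $_POST['x'],
            'crop_y'        => $_POST['y'],
            'crop_w'        => $_POST['w'],
            'crop_h'        => $_POST['h']
        );

        /* A failed crop is reported as an error, like a failed deletion above */
        if ( !bp_core_avatar_handle_crop( $crop_args ) )
            bp_core_add_message( __( 'There was a problem cropping the avatar, please try uploading it again', 'buddypress' ), 'error' );
        else
            bp_core_add_message( __( 'The new group avatar was uploaded successfully!', 'buddypress' ) );
    }

    do_action( 'groups_screen_group_admin_avatar', $bp->groups->current_group->id );

    bp_core_load_template( apply_filters( 'groups_template_group_admin_avatar', 'groups/single/home' ) );
}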
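/**
 * Store a base64-encoded image posted by the browser as a member's avatar.
 *
 * Reads $_POST['encodedimg'], $_POST['imgtype'], $_POST['imgname'] and the
 * optional $_POST['user_id'], prints a JSON array and ends the request:
 *   [0] "1" on success, "0" on failure
 *   [1] the stored file path on success, an error message on failure
 *
 * NOTE(review): no nonce is verified here; if none is checked before this
 * handler runs, add one so the upload cannot be triggered cross-site.
 * NOTE(review): the success response exposes a server filesystem path;
 * confirm whether the client needs it or a URL would do.
 */
function bp_caver_avatar_handle_upload() {
    echo json_encode(_bp_caver_avatar_process_upload());
    die;
}

/**
 * Validate the posted image, write it to the member's avatar folder and
 * build the avatar from it.
 *
 * Every request value is treated as untrusted: the target user must be the
 * logged-in user (or the visitor must hold 'bp_moderate'), the size limit is
 * applied to the decoded bytes, only image file extensions are accepted and
 * a file that does not decode as an image is removed again.
 *
 * @return array Two-element response: status flag ("1"/"0") and path or message.
 */
function _bp_caver_avatar_process_upload() {
    if (empty($_POST['encodedimg']) || !is_string($_POST['encodedimg'])) {
        return array('0', __('Upload Failed! No image sent', 'bp-cover'));
    }

    // The user ID comes from the request and becomes a directory name below,
    // so force it to an integer and make sure the visitor may act on it.
    $user_id         = !empty($_POST['user_id']) ? absint($_POST['user_id']) : (int) bp_displayed_user_id();
    $current_user_id = (int) bp_loggedin_user_id();
    $is_own_profile  = $user_id > 0 && $user_id === $current_user_id;

    if ($user_id < 1 || $current_user_id < 1 || (!$is_own_profile && !bp_current_user_can('bp_moderate'))) {
        return array('0', __('Upload Failed! You are not allowed to change this photo', 'bp-cover'));
    }

    // Strip the data-URI prefix and restore '+' characters turned into spaces.
    $img_type = isset($_POST['imgtype']) && is_string($_POST['imgtype']) ? $_POST['imgtype'] : '';
    $img      = str_replace('data:' . $img_type . ';base64,', '', $_POST['encodedimg']);
    $img      = str_replace(' ', '+', $img);
    $data     = base64_decode($img);

    // Enforce the limit on the bytes actually received, not on the size the
    // client declares, and before anything is written to disk.
    $max_upload_size = bp_cover_get_max_media_size();
    if (!($max_upload_size > strlen((string) $data))) {
        return array('0', sprintf(__('The file you uploaded is too big. Please upload a file under %s', 'bp-cover'), size_format($max_upload_size)));
    }

    $uploaddir = bp_core_avatar_upload_path() . '/avatars';
    if (!file_exists($uploaddir)) {
        mkdir($uploaddir);
    }

    $filepath = $uploaddir . '/' . $user_id;
    if (!file_exists($filepath)) {
        mkdir($filepath);
    }

    // Keep only the file-name part of the posted name and make it unique in
    // the folder the file is written to.
    $posted_name = isset($_POST['imgname']) && is_string($_POST['imgname']) ? $_POST['imgname'] : '';
    $posted_name = basename(str_replace('\\', '/', $posted_name));
    $imgname     = wp_unique_filename($filepath, $posted_name);

    // Never store a file the web server could execute: image extensions only.
    $extension = strtolower(pathinfo($imgname, PATHINFO_EXTENSION));
    if (!in_array($extension, array('jpg', 'jpeg', 'png', 'gif'), true)) {
        return array('0', __('Upload Failed! Unsupported image type', 'bp-cover'));
    }

    $fileurl = $filepath . '/' . $imgname;

    if (!file_put_contents($fileurl, $data)) {
        return array('0', __('Upload Failed! Unable to write the image on server', 'bp-cover'));
    }

    // The content must decode as an image wider than 150px; anything else is
    // removed instead of being left behind in the upload folder.
    $size = getimagesize($fileurl);
    if (false === $size || !($size[0] > 150)) {
        if (file_exists($fileurl)) {
            unlink($fileurl);
        }

        return array('0', __('Upload Failed! Your photo must be larger than 150px', 'bp-cover'));
    }

    /* Shrink the image before it is handed to the crop handler */
    $original_file = image_resize($fileurl, 150, 150, true);

    /* Check for thumbnail creation errors and report them to the client */
    if (is_wp_error($original_file)) {
        return array('0', sprintf(__('Upload Failed! Error was: %s', 'bp-cover'), $original_file->get_error_message()));
    }

    $avatar_to_crop = str_replace(bp_core_avatar_upload_path(), '', $original_file);

    bp_core_delete_existing_avatar(array('item_id' => $user_id, 'avatar_path' => bp_core_avatar_upload_path() . '/avatars/' . $user_id));

    $crop_args = array('item_id' => $user_id, 'original_file' => $avatar_to_crop, 'crop_w' => 0, 'crop_h' => 0);
    bp_core_avatar_handle_crop($crop_args);

    $siteurl = trailingslashit(get_blog_option(1, 'siteurl'));
    $url     = str_replace(ABSPATH, $siteurl, $fileurl);

    // NOTE(review): the meta is stored for the logged-in user although the
    // avatar belongs to $user_id - confirm which one is intended.
    update_user_meta(bp_loggedin_user_id(), 'profile_avatar', $url);

    do_action('xprofile_avatar_uploaded');

    return array('1', $fileurl);
}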
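/**
 * Process avatar changes for a reading plan: delete, upload and crop.
 *
 * bfox_bp_plans_must_own() is called first. Each step is nonce-protected; the
 * nonce action depends on whether the plan is being created or edited.
 *
 * @param BfoxReadingPlan $plan      Plan whose avatar is being changed.
 * @param bool            $is_create True while the plan is being created; the
 *                                   delete action is then skipped.
 */
function bfox_bp_plans_update_plan_avatar(BfoxReadingPlan $plan, $is_create = false) {
    global $bp;

    bfox_bp_plans_must_own($plan);

    if (!$is_create) {
        /* If the group admin has deleted the admin avatar */
        // isset() avoids an undefined-index notice when no action variable is set.
        if (isset($bp->action_variables[0]) && 'delete' == $bp->action_variables[0]) {
            /* Check the nonce */
            check_admin_referer('bfox_bp_plan_avatar_delete');

            if (bp_core_delete_existing_avatar(array('item_id' => $plan->id, 'object' => 'plan'))) {
                bp_core_add_message(__('Your avatar was deleted successfully!', 'buddypress'));
            } else {
                bp_core_add_message(__('There was a problem deleting that avatar, please try again.', 'buddypress'), 'error');
            }

            bp_core_redirect($plan->url() . 'avatar/');
        }
    }

    /* Make sure the container exists before a property is assigned to it */
    if (!isset($bp->avatar_admin)) {
        $bp->avatar_admin = new stdClass();
    }

    $bp->avatar_admin->step = 'upload-image';

    if (!empty($_FILES) && isset($_POST['upload'])) {
        if ($is_create) {
            check_admin_referer('plans_create_save_plan-avatar');
        } else {
            check_admin_referer('bp_avatar_upload');
        }

        /* Pass the file to the avatar upload handler */
        if (bp_core_avatar_handle_upload($_FILES, 'bfox_bp_plans_avatar_upload_dir')) {
            $bp->avatar_admin->step = 'crop-image';

            /* Make sure we include the jQuery jCrop file for image cropping */
            add_action('wp', 'bp_core_add_jquery_cropper');
        }
    }

    /* If the image cropping is done, crop the image and save a full/thumb version */
    if (isset($_POST['avatar-crop-submit'])) {
        if ($is_create) {
            check_admin_referer('plans_create_save_plan-avatar');
        } else {
            check_admin_referer('bp_avatar_cropstore');
        }

        /*
         * NOTE(review): image_src and the crop coordinates are forwarded
         * exactly as posted; bp_core_avatar_handle_crop() must confine
         * original_file to the avatar upload directory - confirm.
         */
        $crop_args = array(
            'object'        => 'plan',
            'avatar_dir'    => 'plan-avatars',
            'item_id'       => $plan->id,
            'original_file' => $_POST['image_src'],
            'crop_x'        => $_POST['x'],
            'crop_y'        => $_POST['y'],
            'crop_w'        => $_POST['w'],
            'crop_h'        => $_POST['h'],
        );

        /* A failed crop is reported as an error, like a failed deletion above */
        if (!bp_core_avatar_handle_crop($crop_args)) {
            bp_core_add_message(__('There was a problem cropping the avatar, please try uploading it again', 'buddypress'), 'error');
        } else {
            bp_core_add_message(__('The new reading plan avatar was uploaded successfully!', 'buddypress'));
        }
    }
}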
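/**
 * Save the profile fields in Members community profile page.
 *
 * Loaded before the page is rendered, this function is processing form
 * requests. Both actions are nonce-protected: avatar deletion with the
 * 'delete_avatar' nonce, field updates with 'edit-bp-profile_{$user_id}'.
 *
 * NOTE(review): no capability check is visible in this method; presumably the
 * caller verifies that the current user may edit $user_id - confirm.
 *
 * @access public
 * @since BuddyPress (2.0.0)
 *
 * @param string $doaction    Action being run.
 * @param int    $user_id     ID of the user whose profile is being saved.
 * @param array  $request     Request being made (not read by this method).
 * @param string $redirect_to URL the user is redirected to afterwards.
 */
public function user_admin_load($doaction = '', $user_id = 0, $request = array(), $redirect_to = '') {
    // Eventually delete avatar. Strict comparison: a non-string $doaction
    // (e.g. true or 0) must not be taken for the delete action.
    if ('delete_avatar' === $doaction) {
        check_admin_referer('delete_avatar');

        // Do not carry the used nonce over to the redirect URL.
        $redirect_to = remove_query_arg('_wpnonce', $redirect_to);

        if (bp_core_delete_existing_avatar(array('item_id' => $user_id))) {
            $redirect_to = add_query_arg('updated', 'avatar', $redirect_to);
        } else {
            $redirect_to = add_query_arg('error', 'avatar', $redirect_to);
        }

        bp_core_redirect($redirect_to);

    // Update profile fields, if any new information has been submitted
    } elseif (isset($_POST['field_ids'])) {
        // Check the nonce
        check_admin_referer('edit-bp-profile_' . $user_id);

        // Check we have field ID's
        if (empty($_POST['field_ids'])) {
            $redirect_to = add_query_arg('error', '1', $redirect_to);
            bp_core_redirect($redirect_to);
        }

        /**
         * Unlike front-end edit-fields screens, the wp-admin/profile displays all
         * groups of fields on a single page, so the list of field ids is an array
         * gathering for each group of fields a distinct comma separated list of ids.
         * As a result, before using the wp_parse_id_list() function, we must ensure
         * that these ids are "merged" into a single comma separated list.
         *
         * The (array) cast keeps a scalar 'field_ids' value from reaching
         * join(), which only accepts arrays.
         */
        $merge_ids = join(',', (array) $_POST['field_ids']);

        // Explode the posted field IDs into an array so we know which fields have been submitted
        $posted_field_ids = wp_parse_id_list($merge_ids);
        $is_required      = array();

        // Loop through the posted fields formatting any datebox values then validate the field
        foreach ((array) $posted_field_ids as $field_id) {
            if (!isset($_POST['field_' . $field_id])) {
                if (!empty($_POST['field_' . $field_id . '_day']) && !empty($_POST['field_' . $field_id . '_month']) && !empty($_POST['field_' . $field_id . '_year'])) {
                    // Concatenate the values
                    $date_value = $_POST['field_' . $field_id . '_day'] . ' ' . $_POST['field_' . $field_id . '_month'] . ' ' . $_POST['field_' . $field_id . '_year'];

                    // Turn the concatenated value into a timestamp
                    $_POST['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($date_value));
                }
            }

            $is_required[$field_id] = xprofile_check_is_required_field($field_id);

            if ($is_required[$field_id] && empty($_POST['field_' . $field_id])) {
                $redirect_to = add_query_arg('error', '2', $redirect_to);
                bp_core_redirect($redirect_to);
            }
        }

        // Set the errors var
        $errors = false;

        // Now we've checked for required fields, let's save the values.
        foreach ((array) $posted_field_ids as $field_id) {
            // Certain types of fields (checkboxes, multiselects) may come through
            // empty. Save them as an empty array so that they don't get
            // overwritten by the default on the next edit.
            // NOTE(review): the posted value is handed over as-is; presumably
            // xprofile_set_field_data() validates and sanitises it - confirm.
            $value = isset($_POST['field_' . $field_id]) ? $_POST['field_' . $field_id] : '';

            if (!xprofile_set_field_data($field_id, $user_id, $value, $is_required[$field_id])) {
                $errors = true;
            } else {
                do_action('xprofile_profile_field_data_updated', $field_id, $value);
            }

            // Save the visibility level
            $visibility_level = !empty($_POST['field_' . $field_id . '_visibility']) ? $_POST['field_' . $field_id . '_visibility'] : 'public';
            xprofile_set_field_visibility_level($field_id, $user_id, $visibility_level);
        }

        do_action('xprofile_updated_profile', $user_id, $posted_field_ids, $errors);

        // Set the feedback messages
        if (!empty($errors)) {
            $redirect_to = add_query_arg('error', '3', $redirect_to);
        } else {
            $redirect_to = add_query_arg('updated', '1', $redirect_to);
        }

        bp_core_redirect($redirect_to);
    }
}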
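/**
 * Save the profile fields in Members community profile page.
 *
 * Loaded before the page is rendered, this function is processing form
 * requests. Both actions are nonce-protected: avatar deletion with the
 * 'delete_avatar' nonce, field updates with 'edit-bp-profile_{$user_id}'.
 *
 * NOTE(review): no capability check is visible in this method; presumably the
 * caller verifies that the current user may edit $user_id - confirm.
 *
 * @since 2.0.0
 *
 * @param string $doaction    Action being run.
 * @param int    $user_id     ID for the user whose profile is being saved.
 * @param array  $request     Request being made.
 * @param string $redirect_to Where to redirect user to.
 */
public function user_admin_load($doaction = '', $user_id = 0, $request = array(), $redirect_to = '') {
    // Eventually delete avatar.
    if ('delete_avatar' === $doaction) {
        check_admin_referer('delete_avatar');

        // Do not carry the used nonce over to the redirect URL.
        $redirect_to = remove_query_arg('_wpnonce', $redirect_to);

        if (bp_core_delete_existing_avatar(array('item_id' => $user_id))) {
            $redirect_to = add_query_arg('updated', 'avatar', $redirect_to);
        } else {
            $redirect_to = add_query_arg('error', 'avatar', $redirect_to);
        }

        bp_core_redirect($redirect_to);
    } elseif (isset($_POST['field_ids'])) {
        // Update profile fields.
        // Check the nonce.
        check_admin_referer('edit-bp-profile_' . $user_id);

        // Check we have field ID's.
        if (empty($_POST['field_ids'])) {
            $redirect_to = add_query_arg('error', '1', $redirect_to);
            bp_core_redirect($redirect_to);
        }

        /**
         * Unlike front-end edit-fields screens, the wp-admin/profile
         * displays all groups of fields on a single page, so the list of
         * field ids is an array gathering for each group of fields a
         * distinct comma separated list of ids.
         *
         * As a result, before using the wp_parse_id_list() function, we
         * must ensure that these ids are "merged" into a single comma
         * separated list.
         *
         * The (array) cast keeps a scalar 'field_ids' value from reaching
         * join(), which only accepts arrays.
         */
        $merge_ids = join(',', (array) $_POST['field_ids']);

        // Explode the posted field IDs into an array so we know which fields have been submitted.
        $posted_field_ids = wp_parse_id_list($merge_ids);
        $is_required      = array();

        // Loop through the posted fields formatting any datebox values then validate the field.
        foreach ((array) $posted_field_ids as $field_id) {
            bp_xprofile_maybe_format_datebox_post_data($field_id);

            // Users with the 'bp_moderate' capability may leave required fields empty.
            $is_required[$field_id] = xprofile_check_is_required_field($field_id) && !bp_current_user_can('bp_moderate');

            if ($is_required[$field_id] && empty($_POST['field_' . $field_id])) {
                $redirect_to = add_query_arg('error', '2', $redirect_to);
                bp_core_redirect($redirect_to);
            }
        }

        // Set the errors var.
        $errors = false;

        // Now we've checked for required fields, let's save the values.
        $old_values = $new_values = array();
        foreach ((array) $posted_field_ids as $field_id) {
            /*
             * Certain types of fields (checkboxes, multiselects) may come
             * through empty. Save them as an empty array so that they don't
             * get overwritten by the default on the next edit.
             *
             * NOTE(review): value and visibility are handed over as posted;
             * presumably the xprofile_set_* functions validate them - confirm.
             */
            $value            = isset($_POST['field_' . $field_id]) ? $_POST['field_' . $field_id] : '';
            $visibility_level = !empty($_POST['field_' . $field_id . '_visibility']) ? $_POST['field_' . $field_id . '_visibility'] : 'public';

            /*
             * Save the old and new values. They will be
             * passed to the filter and used to determine
             * whether an activity item should be posted.
             */
            $old_values[$field_id] = array(
                'value'      => xprofile_get_field_data($field_id, $user_id),
                'visibility' => xprofile_get_field_visibility_level($field_id, $user_id),
            );

            // Update the field data and visibility level.
            xprofile_set_field_visibility_level($field_id, $user_id, $visibility_level);
            $field_updated = xprofile_set_field_data($field_id, $user_id, $value, $is_required[$field_id]);

            // Re-read the value so the hooks below receive what was stored.
            $value = xprofile_get_field_data($field_id, $user_id);

            $new_values[$field_id] = array(
                'value'      => $value,
                'visibility' => xprofile_get_field_visibility_level($field_id, $user_id),
            );

            if (!$field_updated) {
                $errors = true;
            } else {
                /**
                 * Fires after the saving of each profile field, if successful.
                 *
                 * @since 1.1.0
                 *
                 * @param int    $field_id ID of the field being updated.
                 * @param string $value    Value that was saved to the field.
                 */
                do_action('xprofile_profile_field_data_updated', $field_id, $value);
            }
        }

        /**
         * Fires after all XProfile fields have been saved for the current profile.
         *
         * @since 1.0.0
         * @since 2.6.0 Added $old_values and $new_values parameters.
         *
         * @param int   $user_id          ID for the user whose profile is being saved.
         * @param array $posted_field_ids Array of field IDs that were edited.
         * @param bool  $errors           Whether or not any errors occurred.
         * @param array $old_values       Array of original values before update.
         * @param array $new_values       Array of newly saved values after update.
         */
        do_action('xprofile_updated_profile', $user_id, $posted_field_ids, $errors, $old_values, $new_values);

        // Set the feedback messages.
        if (!empty($errors)) {
            $redirect_to = add_query_arg('error', '3', $redirect_to);
        } else {
            $redirect_to = add_query_arg('updated', '1', $redirect_to);
        }

        bp_core_redirect($redirect_to);
    }
}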
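/**
 * Crop the avatar.
 *
 * Produces a 'full' and a 'thumb' version of the uploaded image inside the
 * item's avatar folder, then removes the uploaded original.
 *
 * The original file is addressed by a path relative to the upload directory.
 * Callers visible on this page pass request data as 'original_file' to
 * bp_core_avatar_handle_crop(), so the value is treated as untrusted here:
 * the resolved path must stay inside the upload directory before it is read,
 * cropped or deleted.
 *
 * @since 2.3.0
 *
 * @see BP_Attachment::crop for the list of parameters
 * @uses bp_core_fetch_avatar()
 * @uses bp_core_delete_existing_avatar()
 * @uses bp_core_avatar_full_width()
 * @uses bp_core_avatar_full_height()
 * @uses bp_core_avatar_dimension()
 * @uses BP_Attachment::crop
 *
 * @param array $args Array of arguments for the cropping.
 * @return array|false The cropped avatars (full and thumb), or false when the
 *                     original file or the avatar folder is missing or the
 *                     original file resolves outside the upload directory.
 */
public function crop($args = array()) {
    // Bail if the original file is missing.
    if (empty($args['original_file'])) {
        return false;
    }

    /**
     * Original file is a relative path to the image
     * eg: /avatars/1/avatar.jpg
     */
    $relative_path = $args['original_file'];
    $absolute_path = $this->upload_path . $relative_path;

    // Bail if the avatar is not available.
    if (!file_exists($absolute_path)) {
        return false;
    }

    /*
     * Bail if the path escapes the upload directory (e.g. through '../'
     * segments or a symlink). Without this check the getimagesize(), crop
     * and unlink() calls below would operate on whatever file the relative
     * path points at.
     */
    $upload_root   = realpath($this->upload_path);
    $resolved_path = realpath($absolute_path);

    if (false === $upload_root || false === $resolved_path) {
        return false;
    }

    // Compare against the root with a trailing separator so that a sibling
    // directory sharing the same prefix is not accepted.
    $upload_root = rtrim($upload_root, '/\\') . DIRECTORY_SEPARATOR;

    if (0 !== strpos($resolved_path, $upload_root)) {
        return false;
    }

    if (empty($args['item_id'])) {
        /** This filter is documented in bp-core/bp-core-avatars.php */
        $avatar_folder_dir = apply_filters('bp_core_avatar_folder_dir', dirname($absolute_path), $args['item_id'], $args['object'], $args['avatar_dir']);
    } else {
        /** This filter is documented in bp-core/bp-core-avatars.php */
        $avatar_folder_dir = apply_filters('bp_core_avatar_folder_dir', $this->upload_path . '/' . $args['avatar_dir'] . '/' . $args['item_id'], $args['item_id'], $args['object'], $args['avatar_dir']);
    }

    // Bail if the avatar folder is missing for this item_id.
    if (!file_exists($avatar_folder_dir)) {
        return false;
    }

    // Delete the existing avatar files for the object.
    $existing_avatar = bp_core_fetch_avatar(array(
        'object'  => $args['object'],
        'item_id' => $args['item_id'],
        'html'    => false,
    ));

    /**
     * Check that the new avatar doesn't have the same name as the
     * old one before deleting
     */
    if (!empty($existing_avatar) && $existing_avatar !== $this->url . $relative_path) {
        bp_core_delete_existing_avatar(array(
            'object'      => $args['object'],
            'item_id'     => $args['item_id'],
            'avatar_path' => $avatar_folder_dir,
        ));
    }

    // Make sure we at least have minimal data for cropping.
    if (empty($args['crop_w'])) {
        $args['crop_w'] = bp_core_avatar_full_width();
    }

    if (empty($args['crop_h'])) {
        $args['crop_h'] = bp_core_avatar_full_height();
    }

    // Get the file extension. getimagesize() returns false for a file it
    // cannot read as an image; that case falls back to 'jpg' as before,
    // without indexing into a non-array.
    $data = @getimagesize($absolute_path);
    $ext  = (is_array($data) && 'image/png' === $data['mime']) ? 'png' : 'jpg';

    $args['original_file'] = $absolute_path;
    $args['src_abs']       = false;

    $avatar_types = array('full' => '', 'thumb' => '');

    foreach ($avatar_types as $key_type => $type) {
        if ('thumb' === $key_type) {
            $args['dst_w'] = bp_core_avatar_thumb_width();
            $args['dst_h'] = bp_core_avatar_thumb_height();
        } else {
            $args['dst_w'] = bp_core_avatar_full_width();
            $args['dst_h'] = bp_core_avatar_full_height();
        }

        // The destination name is derived from a hash, not from the uploaded
        // file's own name.
        $args['dst_file']        = $avatar_folder_dir . '/' . wp_hash($absolute_path . time()) . '-bp' . $key_type . '.' . $ext;
        $avatar_types[$key_type] = parent::crop($args);
    }

    // Remove the original. The containment check above guarantees this path
    // resolved inside the upload directory.
    @unlink($absolute_path);

    // Return the full and thumb cropped avatars.
    return $avatar_types;
}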
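/**
 * Handle the group admin "avatar" screen: delete, upload and crop.
 *
 * Only runs on the groups component when the first action variable is
 * 'group-avatar'. Returns false when the current user is not an item admin or
 * when avatar uploads are disabled. Each state-changing step (delete, upload,
 * crop) verifies its own nonce with check_admin_referer() before acting.
 *
 * NOTE(review): $_POST['image_src'] and the crop coordinates are forwarded
 * unmodified to bp_core_avatar_handle_crop(); this function relies on that
 * handler to keep the path inside the avatar upload directory — confirm.
 *
 * @return false|void False when the permission/option check fails; otherwise
 *                    nothing is returned and the template is loaded.
 */
function groups_screen_group_admin_avatar() {
    global $bp;

    if (bp_is_groups_component() && bp_is_action_variable('group-avatar', 0)) {
        // If the logged-in user doesn't have permission or if avatar uploads are disabled, then stop here
        if (!$bp->is_item_admin || (int) bp_get_option('bp-disable-avatar-uploads')) {
            return false;
        }

        // If the group admin has deleted the admin avatar
        if (bp_is_action_variable('delete', 1)) {
            // Check the nonce
            check_admin_referer('bp_group_avatar_delete');

            if (bp_core_delete_existing_avatar(array('item_id' => $bp->groups->current_group->id, 'object' => 'group'))) {
                bp_core_add_message(__('Your avatar was deleted successfully!', 'buddypress'));
            } else {
                bp_core_add_message(__('There was a problem deleting that avatar, please try again.', 'buddypress'), 'error');
            }
        }

        $bp->avatar_admin->step = 'upload-image';

        if (!empty($_FILES)) {
            // Check the nonce
            check_admin_referer('bp_avatar_upload');

            // Pass the file to the avatar upload handler
            if (bp_core_avatar_handle_upload($_FILES, 'groups_avatar_upload_dir')) {
                $bp->avatar_admin->step = 'crop-image';

                // Make sure we include the jQuery jCrop file for image cropping
                add_action('wp_print_scripts', 'bp_core_add_jquery_cropper');
            }
        }

        // If the image cropping is done, crop the image and save a full/thumb version
        if (isset($_POST['avatar-crop-submit'])) {
            // Check the nonce
            check_admin_referer('bp_avatar_cropstore');

            $cropped = bp_core_avatar_handle_crop(array(
                'object'        => 'group',
                'avatar_dir'    => 'group-avatars',
                'item_id'       => $bp->groups->current_group->id,
                'original_file' => $_POST['image_src'],
                'crop_x'        => $_POST['x'],
                'crop_y'        => $_POST['y'],
                'crop_w'        => $_POST['w'],
                'crop_h'        => $_POST['h'],
            ));

            if (!$cropped) {
                // Report the failure as an error, matching the delete branch above.
                bp_core_add_message(__('There was a problem cropping the avatar, please try uploading it again', 'buddypress'), 'error');
            } else {
                bp_core_add_message(__('The new group avatar was uploaded successfully!', 'buddypress'));
            }
        }

        do_action('groups_screen_group_admin_avatar', $bp->groups->current_group->id);

        bp_core_load_template(apply_filters('groups_template_group_admin_avatar', 'groups/single/home'));
    }
}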
/**
 * Ajax delete an avatar for a given object and item id.
 *
 * The request is rejected unless, in this order: it is a POST, it names both
 * an object and an item id, it carries a valid nonce in the 'nonce' field,
 * and the current user passes the 'edit_avatar' capability check for the
 * posted data. wp_send_json_error() ends the request, so a failed check never
 * reaches the deletion.
 *
 * @since 2.3.0
 *
 * @return string|null A json object containing success data if the avatar was deleted
 *                     error message otherwise.
 */
function bp_avatar_ajax_delete() {
    // Bail if not a POST action.
    $method = strtoupper($_SERVER['REQUEST_METHOD']);
    if ('POST' !== $method) {
        wp_send_json_error();
    }

    $posted = $_POST;

    // Both the object type and the item id are mandatory.
    if (empty($posted['object']) || empty($posted['item_id'])) {
        wp_send_json_error();
    }

    // Groups use their own nonce action; everything else shares the member one.
    $nonce_action = ('group' === $posted['object']) ? 'bp_group_avatar_delete' : 'bp_delete_avatar_link';

    // Check the nonce
    check_admin_referer($nonce_action, 'nonce');

    // Capability check
    if (!bp_attachments_current_user_can('edit_avatar', $posted)) {
        wp_send_json_error();
    }

    // Handle delete
    $target = array(
        'item_id' => $posted['item_id'],
        'object'  => $posted['object'],
    );

    if (!bp_core_delete_existing_avatar($target)) {
        wp_send_json_error(array('feedback_code' => 3));
    } else {
        // Send back the avatar URL that is now in effect for the item.
        $current_avatar = bp_core_fetch_avatar(array(
            'object'  => $posted['object'],
            'item_id' => $posted['item_id'],
            'html'    => false,
            'type'    => 'full',
        ));

        wp_send_json_success(array(
            'avatar'        => html_entity_decode($current_avatar),
            'feedback_code' => 4,
            'item_id'       => $posted['item_id'],
        ));
    }
}
/**
 * Load Link home page edit avatar template, handle form if submitted.
 *
 * Returns false unless the current user is an item admin and the current
 * admin action variable is 'link-avatar'. The delete, crop and upload steps
 * each verify their own nonce with check_admin_referer() before acting.
 *
 * NOTE(review): $_POST['image_src'], the crop coordinates and
 * $_POST['embed-html'] are forwarded unmodified to their handlers; this
 * function relies on those handlers to validate them — confirm.
 */
function bp_links_screen_link_admin_avatar() {
    global $bp;

    // Only item admins on the 'link-avatar' admin action get any further.
    if (!($bp->is_item_admin && 'link-avatar' == bp_links_admin_current_action_variable())) {
        return false;
    }

    // handle empty avatar admin property
    if (!isset($bp->avatar_admin)) {
        $bp->avatar_admin = new stdClass();
    }

    // If the link admin has deleted the admin avatar
    if ($bp->action_variables[1] == 'delete') {
        /* Check the nonce */
        check_admin_referer('bp_link_avatar_delete');

        $removed = bp_core_delete_existing_avatar(array(
            'item_id'    => $bp->links->current_link->id,
            'object'     => 'link',
            'avatar_dir' => 'link-avatars',
        ));

        if ($removed) {
            bp_core_add_message(__('Your avatar was deleted successfully!', 'buddypress-links'));
        } else {
            bp_core_add_message(
                sprintf('%s %s', __('There was a problem deleting that avatar', 'buddypress-links'), __('Please try again.', 'buddypress-links')),
                'error'
            );
        }
    }

    $bp->avatar_admin->step = 'upload-image';

    if (isset($_POST['avatar-crop-submit'])) {
        // Check the nonce
        check_admin_referer('bp_avatar_cropstore');

        // received crop coords, crop the image and save a full/thumb version
        $cropped = bp_core_avatar_handle_crop(array(
            'object'        => 'link',
            'avatar_dir'    => 'link-avatars',
            'item_id'       => $bp->links->current_link->id,
            'original_file' => $_POST['image_src'],
            'crop_x'        => $_POST['x'],
            'crop_y'        => $_POST['y'],
            'crop_w'        => $_POST['w'],
            'crop_h'        => $_POST['h'],
        ));

        if ($cropped) {
            bp_links_embed_handle_crop($bp->links->current_link);
            bp_core_add_message(__('The link avatar was uploaded successfully!', 'buddypress-links'));
        } else {
            bp_core_add_message(
                sprintf('%s %s', __('There was an error saving link avatar.', 'buddypress-links'), __('Please try again.', 'buddypress-links')),
                'error'
            );
        }
    } elseif (isset($_POST['upload']) || isset($_POST['embed-submit'])) {
        // Check the nonce
        check_admin_referer('bp_avatar_upload');

        // handle image uploading: an embed submission is tried first, a plain
        // file upload only when the embed path did not succeed.
        $ready_to_crop = false;

        if (!empty($_POST['embed-submit']) && bp_links_embed_handle_upload($bp->links->current_link, $_POST['embed-html'])) {
            $ready_to_crop = true;
        } elseif (isset($_POST['upload']) && !empty($_FILES)) {
            // Pass the file to the avatar upload handler
            $ready_to_crop = (bool) bp_core_avatar_handle_upload($_FILES, 'bp_links_avatar_upload_dir');
        }

        if ($ready_to_crop) {
            // we are good to crop
            $bp->avatar_admin->step = 'crop-image';

            // Make sure we include the jQuery jCrop file for image cropping
            add_action('wp_enqueue_scripts', 'bp_core_add_jquery_cropper');
        }
    }

    do_action('bp_links_screen_link_admin_avatar', $bp->links->current_link->id);

    bp_links_load_template('single/home');
}